Solved

IIS6.0 UNC Shared Virtual Directory 401.3 Error

Posted on 2004-04-29
6
760 Views
Last Modified: 2013-12-04
Hey all,

I have the current setup:
- Web server (machine name "server") IIS6.0 Windows2003
- Web server has a header of "users.domain.com"
- Virtual directory named "Test"
- Virtual directory has passthru credentials enabled (the Always user the authenticated user's credentials when validating access to the network directory is checked)
- Virtual directory pointing to \\shares\Users
- Virtual directory has anon access removed
- Only Windows Authentication is enabled

- File server (machine name "shares") running Windows2003
- Share of "Users" has Everyone permissions and security set to Full Control

Both of these machines are in the same domain.

When I try to access http://users.domain.com/Test I get a credentials box which I fill out w/ the Administrator's credentials.  However, after that I'm greeted by 2 more attempts which then lead to a 401.3 error.  Does anyone know why on earth I can not for the life of me get access to that UNC share through a web browser?  Is there a local security policy that I have to set?  When I add the share to the "Shares that can be accessed anonymously" list, then I can get through, however the user is not the authenticated user, it's the ANON USER.

Thanks!
0
Comment
Question by:TivexExchange
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 4

Expert Comment

by:matalyn1016
ID: 10956274
Ok, this is a lot of reading but well worth it and it answers your question. - http://www.serverwatch.com/tutorials/article.php/3113161
0
 

Author Comment

by:TivexExchange
ID: 10964419
Right... I just don't understand how i'm applying FULL PERMISSIONS to Everyone both on the share and on the file system and yet I'm still getting 401.3 errors.  It would be really handy to see what exactly is being checked for and the credentials that are being used....
0
 
LVL 4

Accepted Solution

by:
WerewolfTA earned 250 total points
ID: 11597544
I'm guessing you're using this like an Intranet site, right?  We had a similar issue here.  Even though we were pointing to http://servername.domainname, which was clearly on our internal domain as the domain name ended in .local, the browser would treat it like it was in the Internet Security Zone, and refuse to pass AD credentials, prompting for logins and in some cases still refusing to let us into certain locations.  We added *.servername.domainname into the Local Intranet security group in IE, and everything cleared up.  After that, we set the same thing through Group Policy and now everyone gets the permissions they're supposed to as set with ntfs permissions on various folders using their cached credentials, no login prompts.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to fix error ""Failed to validate the vCentre certificate. Either install or verify the certificate by using the vSphere Data Protection Configuration utility" when you are trying to connect to VDP instance from Vcenter.
A Bare Metal Image backup allows for the restore of an entire system to a similar or dissimilar hardware. They are highly useful for migrations and disaster recovery. Bare Metal Image backups support Full and Incremental backups. Differential backup…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

737 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question