Solved

HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource

Posted on 2006-12-01
8
5,304 Views
Last Modified: 2008-12-20
Hello

I have recently built a Software Update Service server on Windows 2003.

When I am trying to launch the config page (http://<machine_name>/SUSAdmin), I receive the following error;

You are not authorized to view this page
You do not have permission to view this directory or page due to the access control list (ACL) that is configured for this resource on the Web server.
HTTP Error 401.3 - Unauthorized: Access is denied due to an ACL set on the requested resource

The IIS version is 6.0. Anonymous access is being used with IUSR_<machine_name> account.

Any IIS gurus out there to help?
0
Comment
Question by:Dilan77
  • 4
  • 4
8 Comments
 
LVL 10

Expert Comment

by:AndresM
ID: 18053358
see if IUSR_<machine_name> has READ permissions under the directory where is configured /SUSAdmin
0
 
LVL 2

Author Comment

by:Dilan77
ID: 18053381
Do you mean the directory in C or D drive, or the directory of the web content?
0
 
LVL 10

Expert Comment

by:AndresM
ID: 18053406
I mean NTFS permissions. To see wich directory is configured under /SUSAdmin, open IIS manager, right-click SUSAdmin virtual dir, and choose Open. Then see if IUSR_<machine_name> has read permissions on that folder.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 
LVL 2

Author Comment

by:Dilan77
ID: 18053720
Thanks.

The user wasn't there, I added the user and gave it READ writes, however I'm still getting this error.
0
 
LVL 10

Accepted Solution

by:
AndresM earned 500 total points
ID: 18053737
In IIS MMC, in the properties of the virtual dir SUSAdmin, security tab, what happens if you configure only windows authentication?
0
 
LVL 2

Author Comment

by:Dilan77
ID: 18053818
that seems to work...excellent.

is there any downside to keeping at this (apart from the need to log into the SUS site, which is not necessarily a bad thing)?
0
 
LVL 10

Expert Comment

by:AndresM
ID: 18053849
No, it depends on your needs, but I think that a SUSAdmin site should have windows authentication, not anonymous, for security reasons. I would also restrict NTFS permissions to admins only, or something like that.
0
 
LVL 2

Author Comment

by:Dilan77
ID: 18053883
Brilliant, thanks a lot for the prompt help
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question