How do I solve a 401 Unauthorized - IIS Permissions error?

Posted on 2009-02-12
Last Modified: 2012-05-06
Currently have a intranet application that uses Windows Integrated Authentication to validate the users.  We don't allow anonymous access to the site.  The server is currently being run on a Windows 2000 server with IIS 5.0.   The drive has NTFS permissions.

One of our pages will read a certain directory for the file information and provide link to an XML file, so the user can click on and view the contents of that XML file.

After the page has successfully read the directory and provided the appropriate link, clicking on the link for the XML file, returns HTTP 401.1 - Unauthorized: Logon Failed.  

This message is found in the System Event Log
Event Type:      Warning
Event Source:      W3SVC
Event Category:      None
Event ID:      100
Date:            2/11/2009
Time:            11:55:47 AM
User:            N/A
Computer:      <server_name>
The server was unable to logon the Windows NT account 'IUSR_<server_name>' due to the following error: Logon failure: the user has not been granted the requested logon type at this computer.  The data is the error code.

I have looked at several articles pointing me in the direction of making sure that IUSR_ has "Logon Locally" and "Access computer from Network".   This user has those permissions.

I have verified that the NTAuthenticationProviders is NTLM, Negotiate.

What am I missing or what should I look at to solve this problem.  Do I need to set "Read" File permissions on that folder and the files within that directory for the IUSR_<servername>?

Question by:kkluth
    LVL 13

    Accepted Solution

    1. Ananynmous is disabled as only authenticated users are allowed to access.

    2. Does the user or the group which has access over this share given permission....

    Rt click the site folder in server and see in permissions if the group or the user who have access to this location are given proper permission....

    Author Closing Comment

    Thank you for your response as it helped point me in the right direction.  Within IIS the folder turned on Integrated Security.  Works fine.

    Featured Post

    How your wiki can always stay up-to-date

    Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
    - Increase transparency
    - Onboard new hires faster
    - Access from mobile/offline

    Join & Write a Comment

    Suggested Solutions

    Here are the symptoms: You start receiving calls from users that one of your legacy web apps isn't coming up, so you log into your IIS 5 server to check it out.  When you pull up the services, you notice that the WWW Publishing service isn't runn…
    Today I came across an interesting issue that had me pulling my hair out.  I was troubleshooting a new internal web site which uses integrated security instead of anonymous.  When browsing the site from my laptop, I was able to access it with no iss…
    To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
    In this sixth video of the Xpdf series, we discuss and demonstrate the PDFtoPNG utility, which converts a multi-page PDF file to separate color, grayscale, or monochrome PNG files, creating one PNG file for each page in the PDF. It does this via a c…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now