Sharepoint MOSS 2007 issue with single user receiving 403 error
We've got a few sharepoint farms in our company, a single prod unit, and multiple test and staging environments. our staging server is giving us trouble with a single test account that we can't seem to shake out. The user simply cannot log in to sharepoint. They are a simple domain user with minimal domain rights, but standard user level access in sharepoint. We've been down the path of trying to work with services permissions to fix this issue -- but as a sharepoint user, what local service permissions should this user even have? authenticated users in general should have only the slightest control over services, right?
This failure message is sporadic and unpredictable. It may have even completely gone away with my efforts to make more relaxed permissions on MSDTC. At the end of the day, that one individual user is still given SIMPLE 403 FORBIDDEN errors from IIS upon logging in. Strangely enough, it takes 3 login attempts to generate this message. Any ideas?
Event Type: Failure AuditEvent Source: SecurityEvent Category: Object Access Event ID: 560Date: 10/6/2009Time: 2:55:20 PMUser: domain\SP_CBP_Test_00749Computer: somecomputerDescription:Object Open: Object Server: SC Manager Object Type: SERVICE OBJECT Object Name: WinHttpAutoProxySvc Handle ID: - Operation ID: {0,475837461} Process ID: 432 Image File Name: C:\WINDOWS\system32\services.exe Primary User Name: somecomputernameSTAGING$ Primary Domain: somedomain Primary Logon ID: (0x0,0x3E7) Client User Name: SP_CBP_Test_00749 Client Domain: ALS Client Logon ID: (0x0,0x1C5CACEA) Accesses: Query status of service Start the service Query information from service Privileges: - Restricted Sid Count: 0 Access Mask: 0x94