iis 401 error

I have an application running on a Windows 2008 R2 server in IIS.

The web portal has an "Admin options" link at the login screen where I edit the SQL backend database settings.

When I click the link it's prompting me for Windows Authentication. I cannot seem to get past this part as it always results in the following error:

"Server Error - 401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied"

I am using the domain admin account (which is the only account that was used in setting up the application).

I have checked the security settings on the files and directories themselves in Windows Explorer and in IIS and they all show that Administrators have Full Control. I also tried using the local Aministrator account of the server, but that also results in the same error.

The link in question is trying to access a folder called "Admin". In IIS, the Athentication setting shows everything disabled except for Windows Authentication.

Can someone suggest how I can troubleshoot this?

Thanks,
Paul
LVL 2
IT_ServiceAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

arnoldCommented:
This means that within the IIS site security section configuration you do not allow anonymous login , basic, digest only NTLM is enabled! the browser that connects does not support the mechanism of your choice.
This issue is one because NTLM/window authentication only supported within trusted locations.  In the browser you are testing, add this site to the trusted list and see it work provided the credentials of the user logged in are valid on the IIS.
0
IT_ServiceAuthor Commented:
I added the site to trusted sites, restarted IIS and the browser too.

I tried to log in again, but still the same error.

I have a work around - just disabling Windows Authentication and enabling Anonymous, then changing the settings and then setting it back to Windows Authentication.

It would be great to find the solution though.
0
arnoldCommented:
Are the two system on the same AD?
http://technet.microsoft.com/en-us/library/cc733010(v=ws.10).aspx
Covers the different auth methods and their dependencies.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

Aaron TomoskySD-WAN SimplifiedCommented:
try basic instead of windows.
0
arnoldCommented:
The asker seems to want transparent authentication where the user is not involved.
0
IT_ServiceAuthor Commented:
I'm not sure what you mean by "the two systems".

The web sever is a member server on the domain. I don't want users to be able to access the "admin options" page. I don't really care if it uses Windows authentication, but I would like it to use some kind of authentication.
0
arnoldCommented:
Use basic, digest which will prompt the user by the web server for credentials which means you would need the user accounts that are allowed, to the directory security tab. If you have not made sure that the user account that you want to have access was not added under the security tab, it could explain why your windows authentication fails. I.e. The browser sends your credentials, but based on the security tab, your user account is not set there with rights of access.  The alternative, is to maintain/grant access within the application pages of the site.
I.e. When someone accesses the admin pages, your asp, aspx, outputs a login form with credentials maintained in a database as well as what type of access the user has.

The web based security is limited to allow or not.
The application based security has much more flexibility allow access to items 1,2,4,6,7,8 to add/modify/delete
Items 5,9,15,23 view only, etc.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.