Sharepoint 2010 Anonymous Access refuses to cooperate

I have followed the steps in any of the hundreds of "basic steps to enabling SharePoint anonymous authentication" sites you will find (example).

I am doing this with a newly created Sharepoint 2010 web application, which I have extended into the "Internet" zone, and have enabled anonymous authentication on (both in the site collection and the web application).  When I try to access any of the .aspx pages, I get a 401 error.

However, I AM able to anonymously access other files on the site, such as graphic files.  So for example, if I punch this into a browser:
https://my.site.edu/sites/catalog/_layouts/images/blank.gif
or
https://my.site.edu/sites/catalog/Style%20Library/Images/Search_Arrow.jpg

They both pull up successfully.

So, something somewhere doesn't have the right permissions or something when it comes to pulling up actual full pages, but I have no idea where to even look.  I checked, and the master pages are all checked in, so are all the other pages I've looked at.  How do I track down what is causing this 401?
LVL 1
mgudites1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Rainer JeschorCommented:
Hi,
multiple areas you migh check:
- Review the IIS log for your web application - the status code should be at the end of each request
- Use a proxy like "Fiddler" to track each and every request and the return codes (alternatives are IE 11 (works beautiful) or Firefox or Chrome

Is this a publishing site / do you have activated any kind of approval processes?
It could be that an unpublished / unapproved page / element can cause this.

Anything else special on your page (e.g. third party web parts, custom master page ....)
Any reference added hard-coded to the internal url (which is not running anonymously)?

Thanks and HTH
Rainer
0
mgudites1Author Commented:
Hi Rainer,

To answer your questions:

In IIS, I do see hits, but I'm not sure if this is telling me anything:
2013-11-15 15:13:26 10.2.1.217 GET /sites/catalog/ - 443 - 10.1.0.40 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 200 0 0 31
2013-11-15 15:13:26 10.2.1.217 GET /sites/catalog/Pages/SectionsHome.aspx - 443 - 10.1.0.40 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 0 0 234
2013-11-15 15:13:39 10.2.1.217 GET /favicon.ico - 443 - 10.1.0.40 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 404 0 2 203
2013-11-15 15:13:40 10.2.1.217 GET /sites/catalog/Pages/SectionsHome.aspx - 443 - 10.1.0.40 Mozilla/5.0+(compatible;+MSIE+9.0;+Windows+NT+6.1;+WOW64;+Trident/5.0) 401 0 0 234

Open in new window


I actually tried Fiddler, but I can't really make sense of anything that's in there...at least I don't see anything that screams "problem."

I'm not sure if this is what you meant but, Sharepoint Server Publishing feature is active on this site.  I can't find anything that isn't published or approved.  When I go to "Content and Structure Reports" and I look at the "All Draft Documents" report, no folder has any draft documents.  I have not activated any kind of approval processes at this point.

No third-party stuff on the page, and I even tried creating a new, blank page and I can't get that to open anonymously either.  I also tried swapping the master page, making sure I'm using one that's Microsoft-provided, and no dice.  

There's nothing on the page referencing the internal URL, and I also did a view-source to see if I saw any references to the internal URL in there as well...nothing.

stumped :-/
0
Walter CurtisSharePoint AEDCommented:
Make that in IIS anonymous access is enabled for the extended SharePoint site.
0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

mgudites1Author Commented:
It is.
0
mgudites1Author Commented:
We made a breakthrough today and found what is likely causing the problem; I will test it tonight during non-peak hours.

I found that in IIS, among our various SharePoint sites, one site in particular (one of our older sites) has a binding of *:443 instead of server.whatever.com:443.  This is the last site that was created prior to these new sites that I'm trying to get working with anonymous access.

The ApplicationHost.config file looks something like this:

    <site name="Our SharePoint Portal" id="1234" serverAutoStart="true">
                    <binding protocol="https" bindingInformation=":portal.whatever.com:443:" />
    </bindings>

    <site name="Another SharePoint Site" id="2020801276" serverAutoStart="true">
                    <binding protocol="https" bindingInformation="*:443:" />
    </bindings>

    <site name="New Anonymous Site" id="5678" serverAutoStart="true">
                    <binding protocol="https" bindingInformation="anon.whatever.com:443:" />
    </bindings>

Open in new window


The top two sites are working, but when requests for the new site anon.whatever.com are made, it's utilizing the middle entry (*:443) because technically, it's a match.  I found that I can disable the new IIS web site that was created for our new anonymous application, and it still works!!  Because, requests for it are actually going through the IIS instance for one of our other SharePoint applications.  So basically, this new web app is running through the IIS instance for the old web apps, even though we specifically specified for it to use new IIS sites.

In short, I think all I need to do is add a host header for the older site that is missing it (entry #2 in my code above), and then my new site should start running on the IIS instance that it's actually supposed to be running on.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Walter CurtisSharePoint AEDCommented:
Great work. Keep in mind any modifications to Alternative Access Mapping in SharePoint you may have to make.
0
mgudites1Author Commented:
We ended up figuring it out
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SharePoint

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.