Last post Oct 31, 2012 04:54 PM by rsford31
Nov 05, 2007 09:30 AM|mabrito|LINK
When I go to publish my ASP.NET 2.0 website on IIS 7 on my computer that has Vista Business im having a hard time. I get this error:
Server Error in Application "Default Web Site"
HTTP Error 401.3 - Unauthorized
Description: You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.
Error Code: 0x80070005
Module: IIS Web Core
Requested URL: http://localhost:80/music
Physical Path: C:\Users\Jonathan\Documents\webroot
Logon User: Anonymous
Logon Method: Anonymous
Most likely causes:
* The user authenticated by the Web server does not have permission to open the file on the file system.
* If the resource is located on a Universal Naming Convention (UNC) share, the authenticated user may not have sufficient share and NTFS permissions, or the permissions on the share may not match the permissions on the physical path.
* The file is encrypted.
What you can try:
* Open Windows Explorer and check the ACLs for the file that is being requested. Make sure that the user accessing the Web site is not being explicitly denied access, and that they do have permission to open the file.
* Open Windows Explorer and check the ACLs for the share and the physical path. Ensure that both ACLs allow the user to access the resource.
* Open Windows Explorer and check the encryption properties for the file that is being requested. (This setting is located in the Advanced attribute properties dialog.)
* Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
More Information... The user trying to access the page was successfully logged on, but the user does not have permission to access the resource. This means the access control list (ACL) for the resource either does not include the user or explicitly denies the user. Check the ACL for the resource and add the user to the ACL. If the content is located on a share, ensure both NTFS and share permissions allow the user access. It is also possible that the user is part of a group that is denied access.
Microsoft Knowledge Base Articles:
Server Version Information: Internet Information Services 7.0.
Nov 06, 2007 09:31 AM|OWScott|LINK
forums.iis.net is the best place for this type of question. That's a well watched forum specifically for IIS.
But, a pointer in the meantime: try out Process Monitor from
www.sysinternals.com and after running it during the failure, search for the word denied. That should tell you the missing permission and what it needs. For example, NETWORK SERVICE and the anonymous or authenticated user will need permissions to the
webroot folder, but ASP.NET may also need list permissions for all of the folders above it: (documents, jonathan and users) Process Monitor will tell you for sure.
Nov 13, 2007 08:08 AMfirstname.lastname@example.org|LINK
You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.
Doesn't get much plainer, check NTFS permissions and encryption.
Nov 13, 2007 11:20 AM|mabrito|LINK
Yeah I know, its working now though. I forgot to update this thread when I fixed it.
Sep 04, 2008 12:52 PM|patron|LINK
I have the same problem ; I couldn't delete a file using asp.net.vb. Typical ntfs permission issue. I looked at security tab but I am not suer which user should have write permssion to folder?
IUSR , IIS_IUSR , SYSTEM, ETC.
p.s. I am using iis7 under vista ultimate
Sep 04, 2008 03:23 PMemail@example.com|LINK
I looked at security tab but I am not suer which user should have write permssion to folder?
Oct 21, 2009 02:21 AM|praveen.chandran|LINK
I think, You set the full permission to the user "Everyone" for the physical directory.
Nov 10, 2009 01:48 AM|Hostingpreview|LINK
Some information about Microsoft IIS7 hosting could be found at
Mar 18, 2010 05:00 PM|kgolding|LINK
This was very helpful, however, I still had a lot of trouble with IIS 7.5 (Windows 2008 R2). I had reconfigured the App Pools to use the network service account. I added the Network
Service account to the IISUsers local group. I than added that group to my INETPUB folder. (It is a test server, so I am not over concerned about permissions). After doing all of this, I still received the 401.3 error. Using the process monitor, I did find
that IUSR was the account that was causing the exception, so I added the IUSR account to the IISUsers account which already had pretty much full access to the folder. Still no dice. After scratching my head for a while, I finally added the IUSR account to directly
to the folder permissions, and that worked.. I am happy, but that was not what I was expecting. There really should not be a difference between having the IUSR account directly add and having the IUSR account a member of a group that has the same access..?
Nov 01, 2010 07:02 AM|g_mani|LINK
This old post helped me to solve the issue. I just add IUSR in security tab and gave full access. Now working fine.
Oct 31, 2012 04:54 PM|rsford31|LINK
I'm having this issue as well and haven't been able to resolve it. I changed the app pool for my site to NetworkService, for authentication on the site folder (i.e.
www.mysite.com/protectedfolder) enabled basic authentication and disabled anonymous authentication, created a user name and password in the local users and groups, added the user to the protectedfolder site
folder with read access, added IUSR with read access and no go. I get prompted for the user name and password but when I enter it in the box just reappears. After three tries I get the HTTP Error 401.3 - Unauthorized error. The account is not locked and I've
reset the password. I'm not sure what I'm doing wrong.