Error message when you try to run a Web application that is hosted on IIS 7.0: "HTTP Error 401.1 - Not Found"

Article translations Article translations
Article ID: 942044 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

When you try to run a Web application that is hosted on a server that is running Internet Information Services (IIS) 7.0, you may receive an error message that resembles one of the following error messages:
Error message 1
Server Error in Application "Application Name"
HTTP Error 401.1 - Unauthorized
HRESULT: 0x8009030c
Description of HResult: You do not have permission to view this directory or page using the credentials that you supplied.
Error message 2
Server Error in Application "Application Name"
HTTP Error 401.1 - Unauthorized
HRESULT: 0x8007052e
Description of HResult: You do not have permission to view this directory or page using the credentials that you supplied.

CAUSE

This problem occurs because the <deny users> list in the Web.config file of the Web application is set to restrict certain users. This setting appears even though IIS 7.0 is configured to authenticate users who have valid Windows credentials. The <deny users> list is in the <authorization> section of the Web.config file.

Note The Web application uses the settings in the Web.config file to configure the Web application.

RESOLUTION

To resolve this problem, use one of the following methods.

Method 1

In the <allow users> list of the Web.config file, add all users to whom you want to assign permissions. To do this, follow these steps:
  1. On the server that is running IIS, click Start, type notepad in the Start Search box.
  2. In the Programs list, right-click Notepad, and then click Run as administrator.

    If you are prompted for an administrator password or for a confirmation, type your password or click Continue.
  3. On the File menu, click Open. Locate the folder that contains the files for the Web application.
  4. In the File name box, type web.config, and then click Open.
  5. In the Web.config file, locate the following lines of code.
    <authorization>
          <deny users="*" />
    </authorization>
    
  6. Add the <allow users> list to the Web.config file. Add to the <allow users> list all users to whom you want to assign permissions.
    • To assign permissions for the Web application to all users in a certain group, add the following code.
      <authorization>
            <allow roles="<domain_name>\<group_name>" />
            <deny users="*" />
      </authorization>
      
    • To assign permissions only to specific users, add the following code.
      <authorization>
            <allow users="<domain_name>\<user1>,<domain_name>\<user2>,<domain_name>\<user3>" />
            <deny users="*" />
      </authorization>
      
  7. On the File menu, click Save.
  8. On the File menu, click Exit.

Method 2

Log on to the Web application by using the credentials of a user who appears in the <allow users> list of the Web.config file.

MORE INFORMATION

For more information, visit the following Microsoft Developer Network (MSDN) Web site:
http://msdn2.microsoft.com/en-us/library/wce3kxhd(vs.71).aspx

Properties

Article ID: 942044 - Last Review: September 25, 2007 - Revision: 1.1
APPLIES TO
  • Microsoft Internet Information Services 7.0
Keywords: 
kbexpertiseadvanced kbtshoot kbprb KB942044

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com