Error 403 when opening workitems from project portal dashboard with Team Foundation Server 2010


Symptom


You have a Team Foundation Server 2010 installation. When you installed and subsequently configured Team Foundation Server on your application tier computer, you allowed the Configuration Wizard to install Windows SharePoint Services 3 to an existing web site on port 80. 

A user who is not a member of the Administrators group on the application tier computer navigates to a team project portal page, and to one of the dashboard pages. The user then attempts to access a workitem in one of the query lists by selecting it and pressing Enter, or double clicking on the workitem. 

The following page is presented in a new browser window:

The website declined to show this webpage

HTTP 403  

If you click the More information link, the following text is displayed:

This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.

 
If a user who is a member of the local Administrators group on the application tier server attempts the above operation, it will succeed. Once the operation has succeeded, the above error will no longer occur for any users until the WSS application pool restarts.

Cause


Non-administrator users do not have permissions to access the following folder:

c:\inetpub\wwwroot\bin

An attempt to read this folder is made by SharePoint when the workitem is loaded.

Resolution


Provide the following permissions to the c:\inetpub\wwwroot\bin folder for the group "Authenticated Users":

Read & Execute
Read
List