IIS - 401.3 - Unauthorized

Question

I am trying to get started with using IIS. I created a new site on IIS Manager, mapped it to a folder on my file system and added index.html to the folder. I have set the po

Answer 1

I have struggled on this same issue for several days. It can be solved by modifying the security user access properties of the file system folder on which your site is mapped. But IIS_IUSRS is not the only account you must authorize.

• In IIS management console, in the Authentication part of the configuration of your site, modify the "Anonymous authentication" line and check the account set as "Specific user" (mine is IUSR).
• Give read and execution permission on the folder of your site to the account listed as the specific user.

OR

• In IIS management console, in the Authentication part of the configuration of your site, modify the "Anonymous authentication" line by selecting "Identity of the application pool" instead of "Specific user".

Answer 2

Try this solution:

https://serverfault.com/questions/38222/iis-7-5-windows-7-http-error-401-3-unauthorized

Also check if the user running the IIS AppPool has read access to that folder/file.

Have a look at this:

http://www.iis.net/learn/manage/configuring-security/application-pool-identities

Also have a look at this:

http://www.iis.net/learn/get-started/planning-for-security/understanding-built-in-user-and-group-accounts-in-iis

Answer 3

Another problem that may arise relating to receiving an unauthorized is related to the providers used in the authentication setting from IIS. In My case I was experience that problem If I set the Windows Authentication provider as "Negotiate". After I selected "NTLM" option the access was granted.

More Information on Authentication providers

https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/authentication/windowsauthentication/providers/

Answer 4

Please enable the following items in Windows 2012 R2

Answer 5

Just in case anyone else runs into this. I troubleshooted all of these steps and it turns out because I unzipped some files from a MAC, Microsoft automatically without any notification Encrypted the files. After hours of trying to set folder permissions I went in and saw the file names were green which means the files were encrypted and IIS will throw the same error even if folder permissions are correct.

Answer 6

1. Create a new Site, Right Click on Sites folder then click add Site
2. Enter the site name.
3. Select physical path
4. Select Ip Address
5. Change Port
6. Click OK
7. Go to Application Pools
8. Select the site pool
9. Right-click the click Advance Settings
10. Change the .Net CLR Version to "No Manage Code"
11. Change the Identity to "ApplicationPoolIdentity"
12. Go to Site home page then click "Authentication"
13. Right-click to AnonymousAuthentication then click "Edit"
14. Select Application Pool Identity
15. Click ok
16. boom!

for routes add a web.config

<configuration>
    <system.webServer>
        <rewrite>
            <rules>
                <rule name="React Routes" stopProcessing="true">
                    <match url=".*" />
                    <conditions logicalGrouping="MatchAll">
                        <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
                        <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
                        <add input="{REQUEST_URI}" pattern="^/(api)" negate="true" />
                    </conditions>
                    <action type="Rewrite" url="/" />
                </rule>
            </rules>
        </rewrite>
    </system.webServer>
</configuration>