Error message 401.2.: Unauthorized: Logon failed due to server configuration. When application deployed

Question

I have an asp.net 4.0 application that works fine running under cassini but when i deploy to IIS i get the above error. It is running under the Default App pool which a number of other apps use and work fine. Here is a copy of my web config which may be the source:

<!--
  For more information on how to configure your ASP.NET application, please visit
  http://go.microsoft.com/fwlink/?LinkId=169433
  -->

<configuration>
  <connectionStrings>
    <add name="FMLconnect" connectionString="Server=192.168.20.125;Port=;Database=FML;Uid=******;Pwd=*****;pooling=false;" providerName="MySql.Data.MySqlClient"  />
  </connectionStrings>

  <system.web>
    <httpHandlers>
      <add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false"/>
      <add path="ChartImage.axd" type="Telerik.Web.UI.ChartHttpHandler" verb="*" validate="false"/>
      <add path="Telerik.Web.UI.SpellCheckHandler.axd" type="Telerik.Web.UI.SpellCheckHandler" verb="*" validate="false"/>
      <add path="Telerik.Web.UI.DialogHandler.aspx" type="Telerik.Web.UI.DialogHandler" verb="*" validate="false"/>
      <add path="Telerik.RadUploadProgressHandler.ashx" type="Telerik.Web.UI.RadUploadProgressHandler" verb="*" validate="false"/>
      <add path="Telerik.Web.UI.WebResource.axd" type="Telerik.Web.UI.WebResource" verb="*" validate="false"/>
      <add path="Reserved.ReportViewerWebControl.axd" verb="*" type="Microsoft.Reporting.WebForms.HttpHandler, Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" validate="false"/>
      <add type="Telerik.ReportViewer.WebForms.HttpHandler, Telerik.ReportViewer.WebForms, Version=5.1.11.928, Culture=neutral, PublicKeyToken=a9d7983dfcc261be" path="Telerik.ReportViewer.axd" verb="*" validate="true"/>
    </httpHandlers>
    <compilation debug="true" targetFramework="4.0" >
      <assemblies>
        <add assembly="Microsoft.Build.Framework, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <!--<add assembly="Microsoft.ReportViewer.Common, Version=10.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="Microsoft.ReportViewer.WebForms, Version=10.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>-->
        <add assembly="System.Data.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
        <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Management, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
        <add assembly="System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"/>
      </assemblies>
    </compilation>




  </system.web>

  <system.webServer>
       <validation validateIntegratedModeConfiguration="false" />
    <modules runAllManagedModulesForAllRequests="true" />
  </system.webServer>
</configuration>

Answer 1

1. Click on your project inside the Solution Explorer to select the project.

2. Press F4 (for properties).

3. In the Properties pane for your project:

   1. Set "Anonymous Authentication" to "Disabled".
   2. Set "Windows Authentication" to "Enabled".

Then run the project.

Answer 2

I had the same error, where the application is running fine locally, but gives Unauthorized error when running from IIS. I tried several methods but no luck. I finally used the below method:

I was using Anonymous Authentication, which was not able to work correctly as it was unable to find path to the code files. Therefore, I set the Windows Authentication to True and VOILA! it worked.

You can find Windows Authentication by clicking your application name in the left hand side pane - Select Authentication - Windows Authentication (set to Enabled).

Also, if you cannot fine Windows Authentication here, you need to select it from Control Panel - Program featutes - Turn windows fetures on or off - IIS - World wide web services - Security- Windows authentication (check it). Now go to IIS and you will find it.

Answer 3

This always happens to our project after it's reloaded.

If you're using Windows Authentication, the problem might be as simple as updating your project properties to Enable Windows Authentication.

In Visual Studio, get to your project properties (I usually right-click a file > properties to open the properties window. Then click on my project). Make sure Windows Authentication is set to Enabled

Answer 4

If you are using Windows Authentication, it could be your authorization settings. Open web.config file:

  <system.web>
    <authentication mode="Windows"></authentication>
    <identity impersonate="false" />
    <authorization>
        <allow roles="domain_name1\group_name1,domain_name2\group_name2" />
      <deny users="*" />
    </authorization>

Make sure you have assigned the correct roles. If you need to include all users, use:

<allow users="*" />

Answer 5

If it is a windows authentication based app, then enable Windows Authentication for your site in IIS and disable Anonymous Authentication.

Answer 6

what helped to me is commented out the lines below in the web.config

<system.web>
    <compilation debug="true" targetFramework="4.5.2" />
    <httpRuntime targetFramework="4.5" />
    <!--  
    <authentication mode="Windows" /> 
    <authorization>
        <deny users="?" />
    </authorization>
    <identity impersonate="false" />
    -->
    <customErrors mode="Off" />
</system.web>

Answer 7

I had a similar issue and resolved it by setting optimizeCollections to false in web.config and immediately reverting the change after verifying that it worked.

  <system.web>
    ..
    <compilation debug="true" targetFramework="4.7.1" optimizeCompilations="false" />
    ..
  </system.web>

Perhaps the same thing could have been achieved by deleting asp.net temp folder..

Answer 8

I resolved 401.1 and 401.2 authentication errors by adding BackConnectionHostNames to the registry using these directions: https://support.microsoft.com/en-us/help/896861/you-receive-error-401-1-when-you-browse-a-web-site-that-uses-integrate (Method 1)

1. Click Start, click Run, type regedit, and then click OK.
2. In Registry Editor, locate and then click the following registry key:
3. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
4. Right-click MSV1_0, point to New, and then click Multi-String Value.
5. Type BackConnectionHostNames, and then press ENTER.
6. Right-click BackConnectionHostNames, and then click Modify.
7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
8. Quit Registry Editor, and then restart the IISAdmin service.

These errors were occurring on a Windows 10 Professional install running version 1803, on a domain that is named differently than the site I was attempting to authenticate to.

Answer 9

For me, I had to change settings from the "Properties" panel to fix this issue. Select project and hit F4 (menu: View->Properties Window) and set properties accordingly.

Visual Studio 2015 - Properties panel screen shot

Hope this helps!

Answer 10

I upgraded a VS2012 project to 2013 and it changed the Project property from Windows Authentication from Enabled to Disabled and I was then getting this error. Simple change solved the problem. Go to solution and click properties to change this.

If you are using IISExpress, the lines should look something like:

<IISExpressAnonymousAuthentication>disabled</IISExpressAnonymousAuthentication>
<IISExpressWindowsAuthentication>enabled</IISExpressWindowsAuthentication>

Answer 11

I had the same problem just now. None of the fixes I found worked, so I'll just post here in case it helps someone.

For me the issue was solved this way:

• Open IIS manager
• Select "Application Pools"
• Right click on the application pool you are using and select "Advanced settings"
• Set "Enable 32-Bit Applications" to "True"
• Click "OK" to close the dialog box
• Right click on the application pool again and select "Recycle"

Hope that will help someone else out! This was driving me crazy.

Answer 12

I was also getting this error trying to run an existing ASP.NET WebForms application under IIS Express (but this probably also applies to IIS).

The application was configured in the applicationhost.config to use the Clr4IntegratedAppPool application pool. Changing the applicationPool attribute to Clr4ClassicAppPool solved the problem for me.

Answer 13

This might be a very late answer, but the problem in my case was a mis-configured Publish profile (Using Web Deploy). As soon as I deselected the Precompile during publishing option (below) and re-published, it came back to normal and I was able to access it.

I also tried activating/deactivating it a couple of time and that confirmed it was the sole reason. The problem appeared when I activated it again and disappeared when I unchecked it.

And to be honest, I still don't have an explanation about what impact does this option have exactly and why it is the cause of such problem. I found this question but I am still investigating.

Answer 14

Try this:

• Open IIS Manager
• Click on your web server (i.e. the server itself; not a site) in the connections bar.
• Select Authentication from the IIS section.
• Enable protocols as required. Anything disabled here will not be available to sites hosted on this server; anything enabled here will use the individual site's settings.
• Restart IIS (start, run, cmd (run as admin), iisreset -noforce)

Answer 15

If you're working with IIS Express, check the web.config

        <!--  AUTHENTICATION 
      This section sets the authentication policies of the application. Possible modes are "Windows", 
      "Forms", "Passport" and "None"
-->
    <authentication mode="Windows"/>
    <identity impersonate="true"/>
    <!--  AUTHORIZATION 
      This section sets the authorization policies of the application. You can allow or deny access
      to application resources by user or role. Wildcards: "*" mean everyone, "?" means anonymous 
      (unauthenticated) users.
-->
    <!--<authorization>
        <deny users="?"/>-->
        <!-- Allow all users -->
        <!--  <allow     users="[comma separated list of users]"
                         roles="[comma separated list of roles]"/>
              <deny      users="[comma separated list of users]"
                         roles="[comma separated list of roles]"/>
        -->
    <!--</authorization>-->

Answer 16

With IIS, this really just sounds like you need to check the authentication settings for your app in IIS Admin. Try this link: http://support.microsoft.com/kb/253667

This is for IIS6, you didn't mention whether you were using IIS 6 or 7. For IIS 7, try this: http://support.microsoft.com/kb/942043