Windows 2003 + IIS6.0 related issues such as 401.1 or 401.2 resolution

I handle the process myself:

1. Problem Scenario:

1.1 I have a virtual machine for Win2003 + iis6.0 Environment

C + to NTFS format

D:\ to Fat32 format

1.2 I need to deploy an ASP. NET Framework 4.0

2. Description of the problem

At first I deployed my WCF service in D:\wwwroot

So I was prompted to enter Windows authentication, and later found out because I checked in the site properties, directory security, and access control, integrated authentication,

So I checked out the setting. There's a 401.1 error.

Then I started, set the iusr_*** and iwam_*** user settings. Allow access to user anonymous access and other settings, are useless ....

3. Final Solution:

I deployed the Web site to a drive disk in NTFS format, which is the C drive. You can set directory permissions on the site directory, give everyone read and write permissions, and then. It can be ...

4. It's really frustrating ....   have been dealt with before, and forgot ..... Write this back. For later use

Here is an excerpt from the online: http://www.cnblogs.com/carekee/articles/1745406.html

HTTP Error404-HTTP error not found for file or directory401.2-Unauthorized: Access is denied due to server configuration. Many friends in the use of IIS6 rack Web site encountered a lot of problems, and some of these problems in the past IIS5 inside have encountered, some are new out, I busy an afternoon, did a lot of experiments, combined with the previous experience in the wrong row, made this summary, I hope to give you help:) Issue 1: Parent path is not enabled Symptom Example: Server.MapPath () Error'ASP 0175:80004005'the Path character is not allowed/0709/dqyllhsub/news/opendatabase.asp, yes.4characters are not allowed in the Path parameter of the MapPath'..'. Cause analysis: Many Web pages need to use such as./formatted statement (that is, the page that goes back to the previous layer, that is, the parent path), and IIS6.0 for security reasons, this option is turned off by default. Workaround: In IIS, the propertiesConfiguration, home directoryoption. Tick the "Enable parent path" front. Confirm the refresh. Problem 2:asp Web Extensions misconfigured (same for ASP.) Symptom Example: HTTP error404-file or directory not found. Cause Analysis: A new Web program extension option is available in IIS6.0, where you can allow or disallow programs such as ASP, ASP, CGI, IDC, and so on, by default, programs such as ASP are prohibited. Workaround: Select Active Server Pages in the Web service extension in IIS and click "Allow". Issue 3: Improper authentication Configuration Symptom Example: HTTP error401.2-Unauthorized: Access is denied due to server configuration. Cause Analysis: IIS supports the following types of Web authentication methods: Anonymous Authentication IIS creates the IUSR_ computer name account (where the computer name is the name of the server that is running IIS) and is used to authenticate anonymous users when they request Web content. This account grants the user local logon rights. You can reset anonymous user access to use any valid Windows account. Basic authentication uses Basic authentication to restrict access to files on NTFS-formatted WEB servers. With basic authentication, the user must enter credentials, and access is based on the user ID. Both the user ID and password are sent across the network in clear text. Windows Integrated authentication is more secure than basic authentication and works well in an intranet environment where users have Windows domain accounts. In integrated Windows authentication, the browser tries to use the credentials that the current user uses during the domain logon process, and if the attempt fails, the user is prompted to enter a user name and password. If you use integrated Windows authentication, the user's password will not be delivered to the server. If the user is logged on to the local computer as a domain user, he does not have to authenticate again when accessing the network computer in this domain. Digest Authentication Digest authentication overcomes many of the drawbacks of basic authentication. When Digest authentication is used, the password is not sent in clear text. In addition, you can use Digest authentication through a proxy server. Digest authentication uses a challenge/The response mechanism, which is the mechanism used by integrated Windows authentication, in which the password is sent in encrypted form.. NET Passport authentication Microsoft. NET Passport is a user authentication service that allows single check-in security Makes it more secure for users to access. NET Passport-enabled WEB sites and services. A. NET Passport-enabled site is*the. NET Passport Central server to authenticate users. However, the hub server does not authorize or deny specific users access to each of the. NET Passport-enabled sites. Workaround: Configure different authentication as needed (typically anonymous authentication, which is the authentication method used by most sites). Authentication options in IIS PropertiesSecurity-Configure under Authentication and access control. Problem 4:ip Restriction misconfiguration Example: HTTP error403.6-Forbidden: The client's IP address is denied. Cause Analysis: IIS provides a mechanism for IP throttling that you can configure to restrict a ㊣p from accessing the site, or restrict access to sites only by certain IPs, and error prompts if the client is within a range of IP that you block or is not within your allowed range. Workaround: Go to IIS PropertiesSecurity-IP address and domain name restrictions. If you want to restrict access to certain IP addresses, you need to select authorized access, and click Add to select an IP address that is not allowed. Conversely, you can only allow access to certain IP addresses. Problem 5:IUSR account is disabled symptom Example: HTTP error401.1-Unauthorized: Access is denied due to invalid credentials. Reason analysis: Because the user anonymous Access uses the account is the IUSR_ machine name, therefore if this account is disabled, will cause the user to be unable to access. Workaround: Control PanelManagement tools, Computer Management,Local Users and groups, the IUSR_ machine name account is enabled. Problem 6:ntfs Permissions Settings Improper symptom example: HTTP error401.3-Unauthorized: Access is denied because the ACL is set on the requested resource. Cause Analysis: Users of the Web client are part of the user group, so if the file has insufficient NTFS permissions (for example, no Read permission), it can cause the page to become inaccessible. Workaround: Go to the Security tab of the folder, configure user permissions, or at least Read permissions. About NTFS permission settings is no longer fed here. Problem 7:iwam account out of sync symptoms example: HTTP --Internal Server error cause analysis: IWAM account is a built-in account that is automatically created when IIS is installed. IWAM account is established by active Directory, IIS metabase database, and COM+The application tripartite use, the account password is three parties respectively saves, and by the operating system is responsible for these three parties to save the IWAM password synchronization work. The system's password synchronization to the IWAM account sometimes fails, resulting in the IWAM account password not uniform. WORKAROUND: If ad is present, select Start, program-and management tools,Active directory Users and Computers. Set a password for the IWAM account. Run c:\\Inetpub\\AdminScripts>adsutil SET W3svc/wamuserpass +Password Synchronization IIS metabase database password run cscript c:\\inetpub\\adminscripts\\synciwam.vbs-V Sync IWAM account in COM +password problem in application 8:mime Setup issue causes certain types of files to not download (ISO For example) Symptom example: HTTP error404-file or directory not found. Cause analysis: IIS6.0 has canceled support for some MIME types, such as ISO, causing client download errors. Workaround: In IIS, the properties->http Head->mime TypeNew. In the dialog box that follows, the extension fills in. The Iso,mime type is application. In addition, firewall blocking, ODBC configuration errors, Web server performance limitations, thread throttling and other factors are also causing the IIS server to be unable to access the possible reasons, here is no longer one by one. 

Windows 2003 + IIS6.0 related issues such as 401.1 or 401.2 resolution