"You are not authorized to view this page, you do not have the credentials provided to view the directory or

Source: Internet
Author: User
Tags metabase ntfs permissions
"You are not authorized to view this page, you do not have the available credentials to view the directory or page Permissions "--workaround

When you configure IIS, you should do a little better if you are safe. There will be all kinds of problems. For example, the common access to the Web page will pop-up user name password login interface, or access to some kind of page such as html,asp nothing, but access to JSP or PHP has problems, show 401.3 ACL prohibit access to resources and other common solution is.

1, error number 401.1
Symptom (s): HTTP error 401.1-Unauthorized: Access denied due to invalid credentials.
Analysis:
Because the user is using anonymous access to the account (the default is the IUSR_ machine name) is disabled, or does not have access to the computer, will cause users inaccessible.
Solution:
(1) To see if the anonymous account for site security settings in IIS Manager is disabled, and if so, try to enable it in the following ways:
Control Panel-> Management tools-> Computer Management-> Local Users and groups, enable IUSR_ machine name account. If it is not resolved, proceed to the next step.
(2) View the default anonymous access account for the site in IIS Manager or the group to which it belongs, in the local security policy, if there is no attempt to grant permissions with the following steps:
Start-> program-> Administrative Tools-> Local Security Policy-> security Policy-> Local policy-> User rights Assignment, double-click "Access this computer from the network" to add the IIS default user or the group to which it belongs.
Note: The general custom IIS default anonymous access account belongs to the group, and for security, there are no special needs, please follow this rule.

2, error number 401.2
Symptom (s): HTTP error 401.2-Unauthorized: Access was denied due to server configuration.
Reason: Anonymous authentication was turned off
Solution:
Run inetmgr, open the Site Properties-> Directory Security-> authentication and access control-> Select Enable Anonymous access, enter a username, or click "Browse" to select a legitimate user, and then confirm the password two times.

3, error number: 401.3
Symptom (s): HTTP error 401.3-Unauthorized: Access because the ACL is denied to the requested resource's settings.
Reason: IIS anonymous users generally belong to the Guests group, and we generally put the site's hard drive to the Administrators group, at this time, in accordance with the principle of inheritance, the site folder only members of the Administrators group can access, Insufficient NTFS permissions to access the file by IIS anonymous users, causing the page to be inaccessible.
Solution:
Permission to access a Web site folder to an IIS anonymous user by entering the security options for the folder, adding IIS anonymous users, and giving them the appropriate permissions, generally read and write.
You are not authorized to view this page
You do not have permission to view the directory or page using the credentials provided, because the Web browser is sending the Www-authenticate header field that the Web server is not configured to accept.

Please try the following:

If you think you should be able to view the directory or page, contact the site administrator.
Click the Refresh button and try again with other credentials.
HTTP Error 401.2-Unauthorized: Access was denied due to server configuration.
Internet Information Services (IIS)

Technical information (provided for technical support staff)

Go to Microsoft Product Support services and search for headings that include "HTTP" and "401".
Open IIS Help (accessible in IIS Manager (inetmgr)), and then search for topics titled "About Security," "Authentication," and "about custom error messages."

No, just open the Web directory.
Change the name of the son can be ~.
Faint ~
Delete the web directory.
You were playing

Or are you not authorized to view the page
You can change the/~.

IIS-specific issues

Select this folder point in IIS Right-Properties-Execute permission Select "Script-only" try

IIS in your virtual directory, attributes-〉 Directory security-〉 edit authentication and access control

"Directory Security"-point "authentication and access Control"-"edit"-Remove the "Enable anonymous access" hook on the Web site.

Many friends have encountered many problems when they use the IIS6 website. And some of these problems in the past IIS5 inside have encountered, and some are new, I worked on the afternoon, did a lot of experiments, combined with the previous mistakes, made this summary, I hope to help you:
Issue 1: Parent Path not enabled
Examples of symptoms:
Server.MapPath () error ' ASP 0175:80,004,005 '
The Path character is not allowed
/0709/dqyllhsub/news/opendatabase.asp, line 4
The character ' ... ' is not allowed in the Path parameter of MapPath.
Reason Analysis:
Many web pages use things like. /formatted statement (that is, the page that returns to the previous layer, which is the parent path), and IIS6.0 for security reasons, this option is turned off by default.
Workaround:
In IIS, the properties-> the home directory-> configuration-> option. Check the "Enable Parent path" front. Confirm the refresh.

Problem 2:asp Web extensions improperly configured (same applies to asp.net, CGI)
Examples of symptoms:
HTTP Error 404-file or directory not found.
Reason Analysis:
The new Web application extension option is added to IIS6.0, where you can allow or disallow ASP, ASP.net, CGI, and IDC programs, which are prohibited by default.
Workaround:
In the Web service extension in IIS, select Active Server Pages and click Allow.

Issue 3: Improperly configured identity authentication
Examples of symptoms:
HTTP Error 401.2-Unauthorized: Access was denied due to server configuration.
Reason Analysis: IIS supports the following types of Web authentication methods:
Anonymous authentication
IIS creates a IUSR_ computer name account, where the computer name is the name of the server that is running IIS, and is used to authenticate anonymous users when they request Web content. This account grants the user local logon rights. You can reset anonymous user access to use any valid Windows account.
Basic Authentication
Use Basic authentication to restrict access to files on an NTFS-formatted WEB server. Using Basic authentication, the user must enter credentials and access is based on the user ID. Both the user ID and password are sent across the network in clear text.
Windows Integrated Authentication
Windows Integrated authentication is more secure than basic authentication and works well in the intranet environment where users have Windows domain accounts. In integrated Windows authentication, the browser attempts to use the credentials that the current user uses during the domain logon process and prompts the user for a user name and password if the attempt fails. If you use integrated Windows authentication, the user's password will not be transferred to the server. If the user logs on to the local computer as a domain user, he does not have to authenticate again when he accesses a network computer in this domain.
Digest Authentication
Digest authentication overcomes many of the drawbacks of basic authentication. When Digest authentication is used, the password is not sent in clear text. In addition, you can use Digest authentication through a proxy server. Digest authentication uses a challenge/response mechanism (the mechanism that is used to integrate Windows authentication), where passwords are sent in encrypted form.
. NET Passport Authentication
Microsoft. NET Passport is a user authentication service that allows single check-in security to make it more secure for users to access the. NET Passport-enabled WEB sites and services. A. NET Passport-enabled site authenticates users based on the *. NET Passport central server. However, the hub server does not authorize or deny specific users access to each of the. NET Passport-enabled sites.
Workaround:
Configure different identity authentication (typically anonymous authentication, which is the authentication method used by most sites) as needed. Authentication options are configured under IIS Properties-> Security-> authentication and access control.

Problem 4:IP Limited improperly configured
Examples of symptoms:
HTTP Error 403.6-Prohibit access: The IP address of the client is denied.
Reason Analysis:
IIS provides a mechanism for IP restrictions that you can configure to restrict a ㊣p from accessing a site, or to restrict access to a site by only certain IP, and error prompts if the client is within the IP range that you are blocking, or not within the range you allow.
Workaround:
Access to IIS Properties-> security->ip address and domain name restrictions. If you want to restrict access to certain IP addresses, you need to select an authorized access point to add an IP address that is not allowed. Conversely, you can only allow access to certain IP addresses.

Problem 5:IUSR account is disabled
Examples of symptoms:
HTTP Error 401.1-Unauthorized: Access denied due to invalid credentials.
Reason Analysis:
Because the user is using anonymous access account is the IUSR_ machine name, so if this account is disabled, will cause users inaccessible.
Solution:
Control Panel-> Management tools-> Computer Management-> Local Users and groups, enable IUSR_ machine name account.

Problem 6:ntfs permissions set improperly
Examples of symptoms:
HTTP Error 401.3-Unauthorized: Access because the ACL's settings for the requested resource were denied.
Reason Analysis:
Users of a Web client are subordinate to the user group, so if the file has insufficient NTFS permissions, such as no Read permissions, it will cause the page to be inaccessible.
Solution:
Enter the Security tab of the folder, configure user permissions, or at least Read permissions. About NTFS permission settings are no longer fed here.

Problem 7:iwam account is not synchronized
Examples of symptoms:
HTTP 500-Internal server error
Reason Analysis:
The IWAM account is a built-in account that the system automatically builds when IIS is installed. IWAM account is established by active Directory, IIS metabase database and COM + application tripartite use, the account password is saved by three parties, and the operating system is responsible for the three-party saved IWAM Password synchronization work. The system to IWAM account password synchronization work sometimes ineffective, resulting in IWAM account password is not uniform.
Solution:
If there is an ad, select Start-> program-> Administration Tools->active directory Users and Computers. Set the password for the IWAM account.
Run c://inetpub//adminscripts>adsutil SET w3svc/wamuserpass + Password Sync IIS metabase database password
Run cscript c://inetpub//adminscripts//synciwam.vbs-v sync iwam account password in COM + applications

Problem 8:mime Setup problem causes some types of files to be downloaded (for example, ISO)
Examples of symptoms:
HTTP Error 404-file or directory not found.
Reason Analysis:
IIS6.0 has canceled support for some MIME types, such as ISO, causing client downloads to go awry.
Workaround:
The property->http header->mime type-> new in IIS. In the dialog box that follows, the extension is filled in. The Iso,mime type is application.

In addition, firewall blocking, ODBC configuration errors, Web server performance restrictions, thread restrictions, and other factors that cause the IIS server can not access the possible reasons, here is no longer one by one feed.

The article is reproduced from 1024k:http://www.1024k.cn/faq/2007/200706/37279.html

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.