After deploying a new ASP.NET web application with Windows authentication, hosted by IIS, I encountered a repeated “Authentication Required” popup folled by a 401 Error screen.

authreq401error01

Here are some of the configuration settings I used to resolve the issue:

authreq401error02

IIS -> MyServer -> Application Pools -> (right click) Add Application Pool
authreq401error03

By default, IIS will create a virtual account (a server account, not a domain account) named “IIS AppPool\MyApplicationPool”

 

IIS-> MyServer -> Sites -> MyWebSite -> MyApplication (right click) -> Manage Application -> Advanced Settings

Set “Application Pool” to “MyApplicationPool”
IIS -> MyServer -> Sites -> MyWebSite -> MyApplication -> .NET AuthorizationRules
authreq401error04

IIS -> MyServer -> Sites -> MyWebSite -> MyApplication -> Authentication -> (right click) Edit Permissions -> Security -> Edit -> Add
Type “IIS AppPool\MyApplicationPool” in the “Enter the object names to select” box and click “Check Names”

Locations -> MyServer -> OK -> OK -> OK

Set “Full control” to “Allow” and click “OK”

 

IIS -> MyServer -> Sites -> MyWebSite -> MyApplication -> Authentication -> (right click) Open Feature -> Anonymous Authentication (right click) -> Edit -> Application pool identity -> OK

IIS -> MyServer -> Sites -> MyWebSite -> MyApplication -> Authentication -> (right click) Open Feature -> Windows Authentication (right click) -> Advanced Settings

Set “Extended Protection” = “Accept” and “Enable Kernel-mode authentication” = “Checked”
IIS -> MyServer -> Sites -> MyWebSite -> MyApplication -> Authentication -> (right click) Open Feature -> Windows Authentication (right click) -> Providers -> NTLM -> Move Up -> OK
authreq401error05

Advertisements