IIS 7.5 Windows Authentication failed with 401

7

Since we moved from IIS 7.0 to IIS 7.5 the Windows Authentication doesn't work anymore from remote requests. If I open the website on the webserver everything works fine.

web.config:

<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
        <deny users="?" />
        <allow users="*" />
</authorization>

IIS Settings:

Authentication (enabled): ASP.NET Impersonation, Windows Authentication (all others are disabled)
ApplicationPool: Managed Pipeline Mode -> Classic, Identity -> ApplicationPoolIdentity

Failed Request Trace:

MODULE_SET_RESPONSE_ERROR_STATUS
ModuleName: WindowsAuthenticationModule
Notification: 2
HttpStatus: 401
HttpReason: Unauthorized 
HttpSubStatus: 1
ErrorCode: 2148074254 
ConfigExceptionInfo:  
Notification: AUTHENTICATE_REQUEST
ErrorCode No credentials are available in the security package (0x8009030e)

Any suggestions?

windows
iis
windows-authentication
iis-7.5
asked on Stack Overflow Jul 16, 2010 by Dave • edited Jul 16, 2010 by Dave

2 Answers

4

We had a two-hop problem I think. If I move our SQL/Oracle DB to the server which is running IIS it works.

So here is an article to which describes a solution.

How to configure SQL and IIS for two hop kerberos authentication 2

or SSRS Reportviewer ASP.NET Credentials 401 Exception

Thanks

answered on Stack Overflow Jul 20, 2010 by Dave • edited May 23, 2017 by Community
1

Which client are you using? you might be running a client that is trying to pre-authenticate, but in IIS 7 we use Kernel Mode authentication by default which requires a challenge. If that is the case you can disable Kernel Mode auth by selecting the Windows Authentication entry and clicking Advanced Settings, you should see a checkbox that allows you to Disable that for the specific application and it should work if this is the problem.

answered on Stack Overflow Jul 16, 2010 by Carlos Aguilar Mares

User contributions licensed under CC BY-SA 3.0