Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Windows Auth directory in IIS - web.config Permission problem

Tags:

permissions

iis-7

web-config

iis-7.5

We've created a windows authenticated sub directory on our web server, however, intermittently when we go there (once logged in as an authenticated user - member of a authenticated group) we get the following error:

Module IIS Web Core
Notification BeginRequest
Handler Not yet determined 
Error Code 0x80070005 
Config Error Cannot read configuration file due to insufficient permissions  
Config File \\?\C:\Inetpub\wwwroot\admin\web.config 
Requested URL http://testsite.dev:80/admin
Physical Path C:\Inetpub\wwwroot\testsite\admin 
Logon Method Not yet determined 
Logon User Not yet determined

The odd thing is once we see this error, hit F5 or refresh and the error goes away, only to reappear a short time later. Very frustrating!!

I have done extensive searches online, but can find nothing. We may also create other sub dirs allowing the same "group" to have access, so this needs to work across all these subs without having to relog in.

We are using IIS7. I've found guides that state for IIS7 ( http://kenno.wordpress.com/2008/10/23/iis7-cannot-read-configuration-file-due-to-insufficient-permissions/ ) but when I do this it seems to then make the directory accessible to all which is clearly not required.

like image 934
Stuart Palmer Avatar asked Oct 19 '25 01:10

Stuart Palmer

2 Answers

Following my own advice and knowing nothing about the problem, I give you an answer to be accepted or improved upon:

  1. Set IIS_IUSRS to have read access on your windows authenticated directory.—user901820

  2. Configure access in IIS Manager | Your Site | Authentication. Make sure you have disabled "Anonymous Auth" for that folder—this should close it for everyone. If you now enable another Auth method for that folder ... then user should only access it if he provides proper login details.—LazyOne

See Configuring Security at IIS.net.

like image 91
Jon Ericson Avatar answered Oct 22 '25 05:10

Jon Ericson

Following my own advice and knowing nothing about the problem, I give you an answer to be accepted or improved upon:

  1. Set IIS_IUSRS to have read access on your windows authenticated directory.—user901820

  2. Configure access in IIS Manager | Your Site | Authentication. Make sure you have disabled "Anonymous Auth" for that folder—this should close it for everyone. If you now enable another Auth method for that folder ... then user should only access it if he provides proper login details.—LazyOne

See Configuring Security at IIS.net.

like image 22
Jon Ericson Avatar answered Oct 22 '25 04:10

Jon Ericson
Sign in to Comment

Related questions

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!