1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Apr 2013
    Rep Power

    IIS 7.5 Windows Authentication fails unless the code files are shared to end users

    Hi All,

    I’m setting up a simple Classic ASP application, to read the user login using Windows Authentication, in IIS 7.5 on a Windows 2008 R2 Server.
    (The application is just one file and has this line - response.write(Request.ServerVariables("LOGON_USER")) )

    But I’m unable to read the user’s login information unless the code files (application directory) are given Read & Execution permissions to the specific person or ‘Everyone’.
    If I remove ‘Everyone’ or the end user’s Id, I’m prompted to a login pop-up which subsequently takes me to the 401 - Unauthorized error.

    I’ve the following settings applied in the IIS…

    Set the Application Pool’s identity to ‘ApplicationPoolIdentity’
    Enabled Windows Authentication and disabled all other Authentications.
    Moved ‘NTLM’ to top on the Providers under Windows Authentication.
    Set the Impersonate User to False in CGI
    Added ‘IIS AppPool\DefaultAppPool’ to the Security properties of the application directory.

    I’m confused why IIS 7.5 web applications with Windows Authentication needs end users or ‘Everyone’ to have read access to the code files.

    Please suggest your views to resolve this problem and help me run this application without the folders being shared with the end users.

    Thanks in advance,
  2. #2
  3. No Profile Picture
    Grumpier old Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Jun 2003
    Rep Power
    Did you solve this? I've been absent for a while.

    I haven't spent any time with IIS 7.5 and don't know any definite solutions, but as a guess make sure the other user accounts that IIS may use (IWAM_ etc) have proper permissions to the files in question. Just a wild guess though.
    Doug G
    I've never been able to appreciate the sublime arrogance of folks who feel they were put on earth just to save other folks from themselves .." - Donald Hamilton

IMN logo majestic logo threadwatch logo seochat tools logo