I know this is an old post, but figured this might help someone searching in the future:
http://davidhazar.blogspot.com/2010/07/solved-cannot-authenticate-to-iis.html
CraigH wrote:
Intergrated Windows Authentication - cannot log in locally
03-Apr-07
I have created a website on our web server with IIS (version 6.0). I want the
authentication set to Intergrated Windows Authentication and I do NOT want to
allow anonymous access.
If I access the website from a remote PC, it works: I type in the URL, I get
prompted for my username and password, I fill it in, and I get to the web
page. When I log into the server (using Remote Desktop Connection) and try
the same thing, my username and password is not accepted and I get this
error:
"HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)"
If I change the authentication to Basic Authentication, it works -- but I
need it to use Intergrated Windows Authentication.
I'm sure the this was working in the past, but I don't know what happened to
change things.
Please help,
Craig
Previous Posts In This Thread:
On Tuesday, April 03, 2007 4:04 AM
CraigH wrote:
Intergrated Windows Authentication - cannot log in locally
I have created a website on our web server with IIS (version 6.0). I want the
authentication set to Intergrated Windows Authentication and I do NOT want to
allow anonymous access.
If I access the website from a remote PC, it works: I type in the URL, I get
prompted for my username and password, I fill it in, and I get to the web
page. When I log into the server (using Remote Desktop Connection) and try
the same thing, my username and password is not accepted and I get this
error:
"HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)"
If I change the authentication to Basic Authentication, it works -- but I
need it to use Intergrated Windows Authentication.
I'm sure the this was working in the past, but I don't know what happened to
change things.
Please help,
Craig
On Tuesday, April 03, 2007 7:12 AM
Egbert Nierop \(MVP for IIS\) wrote:
Re: Intergrated Windows Authentication - cannot log in locally
"CraigHB" wrote in message
Make sure that 'users' are allowed to be impersonated through your domain
policy settings!
(To open those, right click your domain controllers properties and open the
'default domain policies' or select them from the administrative tools)
Secondly, is the remote desktop user account the same account that you use
to access your website if you don't use the remote access?
On Wednesday, April 04, 2007 4:22 AM
CraigH wrote:
That server does not have a domain controller, so there are no domain policy
That server does not have a domain controller, so there are no domain policy
settings. Is there another place I can check whether users are allowed to be
impersonated.
Yes, the remote desktop user account is the same account that I'm using to
access your website. The whole time I'm using my account -- which is member
of Administrators.
On Wednesday, April 04, 2007 4:50 AM
Egbert Nierop \(MVP for IIS\) wrote:
Re: Intergrated Windows Authentication - cannot log in locally
If there is no domain controller, then open the local security policy (see
administrative tools)
On Wednesday, April 04, 2007 5:36 AM
CraigH wrote:
I opened Local Security Settings in Administrative Tools.
I opened Local Security Settings in Administrative Tools. Under Local
Policies / User Rigths Assignment, I found "Impersonate a client after
authentication". I went into that, clicked on "Add User or Group..." and
added the username that I have been using to access the web site. I then
rebooted the server.
This didn't help. I didn't expect it to, because the Administrators group
was already there (and I'm a member of that group).
The items in that list are:
* long code starting with S-1-5-21-.......
* another long code like the one above
* Administrators
* ASPNET
* Craig (my username that I have just added)
* IIS_WPG
* SERVICE
* SQLServer2005DTSUser$REDPEPPER1 (where REDPEPPER1 is the name of the server)
On Sunday, April 08, 2007 5:20 AM
Egbert Nierop \(MVP for IIS\) wrote:
If you see this...
If you see this...
S-1-5-21-
it looks like your server is garbled with a previous domain membership
(correct me if I'm wrong), a receipt for permission problems unfortunately.
Make sure you remove all the S-1 etc entries that you see,
Then check the minimal/default IIS security rights needed.
http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library...S/27f4d
http://blogs.msdn.com/david.wang/archive/2006/07/01/IIS-Security-Templ...s-and-A
Impersonation
http://blogs.msdn.com/david.wang/archive/2005/06/29/IIS_User_Identity_...Run_Cod
"CraigHB" wrote in message
On Friday, July 30, 2010 10:55 AM
David Hazar wrote:
RE: Intergrated Windows Authentication - cannot log in locally
I know this is an old post, but figured this might help someone searching in the future:
http://davidhazar.blogspot.com/2010/07/solved-cannot-authenticate-to-iis.html
Submitted via EggHeadCafe - Software Developer Portal of Choice
Changing WCF Service Implementation at Runtime
http://www.eggheadcafe.com/tutorials/aspnet/d9263dcc-f7ed-42f3-bc96-32...1be3306 >> Stay informed about: Intergrated Windows Authentication - cannot log in locally 
FAQ
Search
Profile
Private Messages
Log in
