Unauthorized error when using Integrated Security
Sometimes when I’m setting up a new server and creating a site using only integrated security I am unable to access the site.
Instead of direct access to the site, a dialog pops up asking for user name and password. Even if I enter a valid domain user and the correct password no access is given to the site. After three attempts this message occurs:
HTTP Error 401.1 – Unauthorized: Access is denied due to invalid credentials
IIS is by default using Kerberos for authentication. This error occurs because the Kerberos authentication for some reason fails.
The easiest way to fix this is to change the default authentication mode for IIS from Kerberos to NTLM.
To change the default authentications mode to NTLM follow these steps:
- Open a command window.
- Navigate to the Adminscripts folder on the server. This is default found on C:\Inetpub\Adminscripts.
- Run the following command:cscript adsutil.vbs set w3svc/NTAuthenticationProviders “NTLM”
- Run iisreset
You should now be able to access the site using Integrated Security.
For more information on this issue, check out this KB article: http://support.microsoft.com/kb/871179
