Fixing HTTP Error 401.1 in IIS 7.5 on Windows 7

For a test I was trying to run a website on my local Windows 7 machine in IIS 7.5.

 I put the website files in my C:\inetpub\wwwroot\MyWebsite. I opened IIS 7.5 and right-clicked on Sites and selected "Add Web Site".

In the "Add Web Site" dialog I entered the "Site name", "Physical path" as above and "Host name" and clicked "OK".

For the "Select Application Pool" dialog I selected "Classic .NET AppPool" which is .Net 2.0 with Classic Pipeline.

I double clicked on "Authentication" and disabled everything and enabled "Windows Authentication" as this is a local intranet website.

In "Application Pools" I went into "Advanced Settings" for the "Classic .NET AppPool" and changed the Identity to "Custom account" and entered "my companies domain\my userid" and password, because that is how the website is run on the corporate server under a special account.

I then went to C:\Windows\System32\drivers\etc and edited my hosts file and added:

::1 MyHostName

Where MyHostName is the name I entered in "Host name" when I first created the website above.

I then opened IE 8 and put http://MyHostName/ in the address box and I get a "Windows Security" dialog box asking for my username and password.  I try and enter "my companies domain\my userid" and password and I just keep getting the same dialog three times and then I get a page that says "Server Error in Application 'SiteName'" where SiteName is the name I entered for "Site name" when I created the website.

On this error page it goes on to say that I got the "HTTP Error 401.2 - Unauthorized" error and "You are not authorized to view this page due to invalid authentication headers."

In the "Detailed Error Information" section it says I got error code 0x80070005.

After much research I discovered I needed to add a Multi-String Value to the following registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 called BackConnectionHostNames with "MyHostName" as the Value.  As described in "Method 1" here: http://support.microsoft.com/kb/896861.

In my research I did come along a nice blog(http://mvolo.com/troubleshoot-iis7-errors-like-a-pro/) that had some really good information but it didn't have the regedit fix I needed.

And a nice site about all the options with Windows Authentication in IIS can be found here http://www.iis.net/configreference/system.webserver/security/authentication/windowsauthentication



No comments:

Post a Comment