IIS7.5 WCF Service - HTTP Error 401.3 (Even after adding IIS_IUSRS)

3
votes

We have website that uses "NT Authority\Network Service". 

Response.Write(WindowsIdentity.GetCurrent().Name);

The website uses a WCF Service that is hosted in IIS 7.5. We are getting the following error when we browse the service – “HTTP Error 401.3 – Unauthorized. You do not have permissions to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web Server.”

Note: We have already granted Read rights to IIS_IUSRS and IUSR on the folders.

Any idea, how we can resolve this error?

The application pool for the service has following details

.NET Framework version: .NET Framework v4.0.30319

Managed Pipeline mode: Classic

The Application for the service has the following configuration

Anonymous Authentication: Enabled

• Windows Authentication: Disabled

• ASP.NET impersonation: Disabled

• Forms Authentication: Disabled

1
c#asp.net.netvb.netiis-7
What is the identity of the application pool?Pavel Podlipensky

1 Answers

6
votes

Most likely it is this (in order of most likely to least): Besides enabling Anonymous Authentication for the web site, edit Anonymous Authentication (by right clicking) and change it from a Specific User to Application pool identity.

OR

Computer Management (right click on my computer and select Manage) --> Local Users and Groups --> Users --> Select IUSR_MACHINENAME (ie,IUSR_TOMATO-CLOWNFIS) --> Right click Properties --> Make sure it is a member of IIS_WPG and users and not Guests.

OR

On Your IIS Server -> Assign a USER NAME and PASSWORD to anonymous login which has full read rights on the folder or physical path of resources. Hope this resolves the issue.