IIS 7.5 on Windows 7: How to fix “HTTP Error 401.3 – Unauthorized”

If you try to run a web application on IIS 7.5 and Windows 7 and you get the following error

HTTP Error 401.3 – Unauthorized
You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.

it is most likely because of missing or wrong NTFS permissions. In detail, the identity that is used by the IIS web-server for “Anonymous Authentication” needs read permission on the web application’s physical folder. By default this identity is set to “IUSR“. To solve the HTTP Error 401.3 you could either

  • Grant read permissions on the web application’s physical folder for the IUSR user or
  • change the identity that is used for “Anonymous Authentication” to a user that has the required read permissions. In order to change the identity use the IIS Manager, select the website, select “Authentication” (in section IIS), right click on “Anonymous Authentication”, run edit action and define a “Specific user”.

4 responses to “IIS 7.5 on Windows 7: How to fix “HTTP Error 401.3 – Unauthorized””

  1. THANKS! I just used your instructions to fix this issue on my Windows 7 machine here. The other sites I found while searching for a solution were not very clear – but yours were spot on. Thanks again.

  2. Thank you! I can go a step further. This 401.3 error will happen even if you have Anonymous Authentication turned off and are using Windows Integrated Instead. The first request gets denied, but it immediately runs a second. You should check this setting for every single IIS7.5 website you have.

Leave a Reply

Your email address will not be published. Required fields are marked *