64

I have just installed the IIS so I can view asp files in a browser but when I put the address in a browser as : http://localhost/index.asp I get an error.

The error shows this:

HTTP Error 401.3 - Unauthorized You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.

I really need to get this sorted out, I would highly appreciate any advice on this.

zzzzBov
  • 174,988
  • 54
  • 320
  • 367
Sam
  • 1,207
  • 4
  • 26
  • 50
  • Did you look at the permissions of the file? http://support.microsoft.com/default.aspx?scid=kb;EN-US;942042 – Damon Bauer Nov 22 '11 at 19:59
  • 2
    No doubt the permissions on your webroot, IIRC adding IUSR account will sort the problem out. – Phil Parsons Nov 22 '11 at 19:59
  • @Phil Parsons - sorry how do I do this? – Sam Nov 22 '11 at 20:10
  • @motoxer4533 - I have opened the security tab on the file and it shows that I have full control. – Sam Nov 22 '11 at 20:17
  • 1
    Try adding the user 'Everyone', with full control – Damon Bauer Nov 22 '11 at 20:22
  • @motoxer4533 I have added the user with full control but this still shows the same error. – Sam Nov 22 '11 at 20:33
  • 3
    @motoxer4533 Seriously? - adding everyone will full control is not a fix and depending on security setup possibly downright dangerous! – dan360 Nov 22 '11 at 23:27
  • 1
    @dan360 on localhost, where theres no access to the outside world, does it really matter? – Damon Bauer Nov 23 '11 at 02:41
  • Could you please have a look at my answer on [ASP MVC in IIS 7 results in: HTTP Error 403.14 - Forbidden](http://stackoverflow.com/questions/1741439/asp-mvc-in-iis-7-results-in-http-error-403-14-forbidden/41363973#41363973). – Murat Yıldız Dec 28 '16 at 14:24

6 Answers6

92

My issue was around the identity used in the app pool. I changed the site's Authentication to "Application pool identity" as well as giving the directory the appropriate permissions.

enter image description here

LawMan
  • 3,469
  • 1
  • 29
  • 32
88

OK, working from memory here as I am not in front of a Windows machine.

If you right click on your webroot folder /inetpub/wwwroot/ or the website directory you are working on open properties and select security, I think it is, you will see the list of users with their permissions for that folder. There is a section to add new users where you can add the IIS_IUSRS account (search from the list of users if you need to) which will be the default user used when anonymous authentication is enabled. Give this account the relevant permissions (read, write, execute) ensuring you apply to file and subfolders. Refresh the website in IIS and you should hopefully be good to go.

Daniel Sokolowski
  • 11,982
  • 4
  • 69
  • 55
Phil Parsons
  • 2,857
  • 22
  • 15
  • 3
    +1 - I had exactly this problem and your solution worked first time. Thanks! – Mark Whitaker Nov 28 '12 at 13:42
  • 11
    Just for future reference this works because the IUSR account is responsible for loading static resources. For dynamic resources you need to give permissions to whatever your application pool is running under, usually "NetworkService" – devshorts Apr 12 '13 at 17:46
  • I had to both add "Forms Authentification" and give rights to "Everone " on the directory. – JanBorup Feb 25 '14 at 12:54
  • 22
    I had to give permission to IUSR instead of IIS_USRS – Dipendu Paul Feb 26 '16 at 10:43
  • As in LawMan's answer, the user for me is IUSR. So I added IUSR as Dipendu Paul said and then it worked. Since I tried other things also it is not clear that adding permission for IUSR is everything that is necessary but at least I have an explanation for why adding permission for IUSR might be necessary. This is for a personal IIS that I set up just now in Windows 10. – Sam Hobbs Mar 23 '16 at 01:54
  • For me, it worked by adding Everyone (obviously it worked) but more specifically it needed IUSR – Fox Jul 25 '16 at 02:02
4

I had one folder not working (extracted from a zip file which came from an email from some kind of MS Sharepointy thing. Or something). The files were all marked with Windows Explorer -> Right Click -> Properties -> Advanced -> Encrypt contents to secure data. Unticking cured it.

Chris F Carroll
  • 11,146
  • 3
  • 53
  • 61
1

In my case I had created an application in IIS 7 on Windows 7 using "Add Application" on the Default Web Site. I had to add the "users" account from the local machine and that got rid of the permissions error.

SonicVader
  • 11
  • 1
0

I had this happen to me and what I needed to do was apparently add a web.config file. Doesn't matter that it was just a PHP site, and that "Everyone" had full control. Until there was a basic Web.config - NO DICE!

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <handlers accessPolicy="Read, Execute, Script" />
        <defaultDocument>
            <files>
                <clear />
                <add value="index.php" />
                <add value="Default.htm" />
                <add value="Default.asp" />
                <add value="index.htm" />
                <add value="default.aspx" />
            </files>
        </defaultDocument>
        <directoryBrowse enabled="false" />
    </system.webServer>
</configuration>
jocull
  • 20,008
  • 22
  • 105
  • 149
-4

Here, the set up process is explained in detail. You can follow the steps.

http://coldfusion-tip.blogspot.com/2013/10/you-do-not-have-permission-to-view-this.html

Roul
  • 945
  • 1
  • 12
  • 34