Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 324333 - Last Review: July 7, 2008 - Revision: 7.1
PRB: 401 Error message if user is not included in the Bypass Traversal Checking policy
This article was previously published under Q324333
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
For more information about IIS 7.0, visit the following Microsoft Web site:
When you connect to any page on an Internet Information
Services (IIS) Web site, you may receive the following error message:
401.3 Unauthorized due to ACL on resource
This can occur if the account that is trying to access
resources on the server does not have enough NTFS file system permissions on
the resource.
Do not remove the Everyone group from the Bypass Traverse
Checking policy. If the Everyone group must be removed from the policy for
security reasons, make sure that the IUSR account is listed in the policy.
This
behavior is by design.
Steps to reproduce the behavior
- Tighten the NTFS permissions on the resource.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
271071Â
(http://kbalertz.com/Feedback.aspx?kbNumber=271071/
)
Minimum NTFS permissions required for IIS 5.0 to work
- Remove Everyone from the local Bypass Traverse Checking
security policy.
- Try to access a simple HTML page on IIS. You receive the
401.3 error message.
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
812614Â
(http://kbalertz.com/Feedback.aspx?kbNumber=812614/
)
Default permissions and user rights for IIS 6.0
271071Â
(http://kbalertz.com/Feedback.aspx?kbNumber=271071/
)
How to set required NTFS permissions and user rights for an IIS 5.0 Web server
187506Â
(http://kbalertz.com/Feedback.aspx?kbNumber=187506/
)
Required NTFS permissions and user rights for IIS 4.0
APPLIES TO
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
- Microsoft Internet Information Services version 5.1
- Microsoft Internet Information Services 6.0
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate