You cannot access a document library on a
Windows SharePoint Services 3.0 or Windows SharePoint Services 2.0 Web site from a client computer that is
running one of the following operating systems:
- Windows Vista
- Microsoft Windows XP Service Pack 2 (SP2) or later versions of Windows XP
- The 64-bit version of Windows XP or later versions of Windows XP
- Windows Server 2003 Service Pack 1 (SP1) or later versions of Windows Server
This issue occurs if you use a
connection method that uses Windows shell components or Explorer View.
For example, you may experience one or more of the following symptoms:
- If you try to map a drive to a document library by using
the net use command, you are prompted to type your user name and password.
After you type your user name and password, you receive the following error
message:
System error 5 has occurred.
Access is
denied.
- If you try to view a document library by using Explorer
View, you are prompted several times to type your user name and password. If
you click Cancel, Explorer View displays Web folders.
This behavior occurs if the following conditions are true:
- You connect to the server that is running Windows SharePoint Services 3.0 or Windows SharePoint Services 2.0 from a client computer that is running Windows Vista or Windows XP Service
Pack 2 (SP2) or a later version of Windows XP.
- The server is configured to use Basic
authentication.
For security purposes, Windows Vista and Windows XP SP2 disable Basic
authentication in the Web Distributed Authoring and Versioning (WebDAV)
Redirector. Both Explorer View in Windows SharePoint Services and the Windows
shell commands that are associated with Windows SharePoint Services use WebDAV
redirector technology.
To have us enable Basic authentication on the client computer for you, go to the "
Fix it for me" section. If you prefer to fix this problem yourself, go to the "
Let me fix it myself" section.
Fix it for me
To fix this problem automatically, click the
Fix it button or link. In the
File Download dialog box, click
Run, and then follow the steps in the Fix it Wizard.
Notes- This wizard may be in English only. However, the automatic fix also works for other language versions of Windows.
- If you are not on the computer that has the problem, save the Fix it solution to a flash drive or a CD and then run it on the computer that has the problem.
Then, go to the "
Did this fix the problem?" section.
Let me fix it myself
Windows XP and Windows Server 2003
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756Â
(http://kbalertz.com/Feedback.aspx?kbNumber=322756/
)
How to back up and restore the registry in Windows
To work around this behavior, enable Basic authentication on
the client computer. To do this, add the
UseBasicAuth
registry entry to the
following registry subkey, and then set the entry to a non-zero value:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
To enable Basic authentication on the client computer, follow
these steps:
- Click Start, and then click
Run.
- In the Open box, type
regedit, and then click OK.
- Locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
- On the Edit menu, point to
New, and then click DWORD Value.
- Type UseBasicAuth, and then press
ENTER.
- On the Edit menu, click
Modify.
- In the Value data box, type
1, and then click OK.
Note Basic authentication is enabled if the
UseBasicAuth
registry
entry is set to a non-zero value. Basic authentication is disabled if the
UseBasicAuth
registry
entry is not present or if the UseBasicAuth
registry entry is set to 0
(zero). - Exit Registry Editor, and then restart the
computer.
Windows Vista
Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756Â
(http://kbalertz.com/Feedback.aspx?kbNumber=322756/
)
How to back up and restore the registry in Windows
To work around this behavior, enable Basic authentication on
the client computer. To do this, add the
BasicAuthLevel
registry entry to the
following registry subkey, and then set the entry to a value of 2 or more:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
To enable Basic authentication on the client computer, follow
these steps:
- Click Start
Collapse this imageExpand this image
- Locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
- On the Edit menu, point to
New, and then click DWORD Value.
- Type BasicAuthLevel, and then press
ENTER.
- On the Edit menu, click
Modify.
- In the Value data box, type
2, and then click OK.
Note The mapping is as follows: - 0 - Basic authentication disabled
- 1 - Basic authentication enabled for SSL shares only
- 2 or greater - Basic authentication enabled for SSL shares and for non-SSL shares
- Exit Registry Editor, and then restart the
computer.
Did this fix the problem?
- Check whether the problem is fixed. If the problem is fixed, you are finished with this section. If the problem is not fixed, you can contact support
(http://support.microsoft.com/contactus)
.
- We would appreciate your feedback. To provide feedback or to report any issues with this solution, please leave a comment on the "Fix it for me
(http://blogs.technet.com/fixit4me/)
" blog or send us an email
(mailto:fixit4me@microsoft.com?Subject=KB)
.
WebDAV is an extension of Hypertext Transfer Protocol
(HTTP), and includes the use of Basic authentication. Basic authentication is
one form of user authentication where a user is identified to the server.
When
the server is configured to use Basic authentication, the client computer
transmits the users' credentials to the server. If the channel is not
encrypted, such as in typical HTTP traffic, a malicious user on another
computer on the network can possibly intercept the user name and password of
that user.
Since a user's credentials can be possibly compromised if they are sent in clear text, Windows Vista and Windows XP SP2 include functionality that permits you to control the use of Basic authentication by the DAV redirector.
The DAV redirector prior to Windows Vista does not support encrypted HTTP, such as HTTPS or Secure Sockets Layer (SSL) resulting in the transmission of the users' credentials without encryption if the server supports Basic authentication. Beginning with Windows Vista the DAV redirector supports SSL and by default disables the use of Basic authentication without SSL enabled.
By default, Basic
authentication is disabled in Windows Vista and in Windows XP SP2. When Basic authentication is
disabled, either the client computer uses a different authentication method (if
the server supports a different authentication method), or the request fails.
For more information about Windows SharePoint Services 3.0, visit the
following Microsoft Web site:
For more information about Windows SharePoint Services 2.0, visit the
following Microsoft Web site: