Error message 401.2.: Unauthorized: Logon failed due to server configuration. Verify that you have permission to view this directory or page RRS feed

  • Question

  • User1838940990 posted

    Hi all,

    I am trying to debug asp.net website which uses the windows authentication, but while running the application locally , I ma getting the below error 

    Can you please help me to setup the app locally  to debug

    Error message 401.2.: Unauthorized: Logon failed due to server configuration.  Verify that you have permission to view this directory or page based on the credentials you supplied and the authentication methods enabled on the Web server.  Contact the Web server's administrator for additional assistance.

    below are some of the tags in my web.config

    <authentication mode="Windows"/>
    <deny users="?"/>
    <roleManager enabled="true" defaultProvider="SqlRoleManager">
    <add name="SqlRoleManager" type="System.Web.Security.SqlRoleProvider" connectionStringName="XXXXXX" applicationName="XXXX"/>

    <add name="XXXXX" connectionString="Data Source=XXXXX,1435;Initial Catalog=XXXXXXXX;Integrated Security=True" providerName="System.Data.SqlClient"/>

    I even tried the adding the below 

    <trust level="Full" /> in <system.web> section 

    Wednesday, January 30, 2019 12:22 AM

All replies

  • User-893317190 posted

    Hi techasuran,

    Are you using iisexpress?

    By default, windows authentication is closed. You should config your iisexpress's applicationhost.config  to enable it.

    Change the section group of windows authentication's overrideModeDefault property  to allow  so that you could override it in web.config.

     <sectionGroup name="authentication">
                        <section name="anonymousAuthentication" overrideModeDefault="Deny" />
                        <section name="basicAuthentication" overrideModeDefault="Deny" />
                        <section name="clientCertificateMappingAuthentication" overrideModeDefault="Deny" />
                        <section name="digestAuthentication" overrideModeDefault="Deny" />
                        <section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Deny" />
                        <section name="windowsAuthentication" overrideModeDefault="Allow" />

    Under webserver node, change lockItem to false

                    <add name="WindowsAuthenticationModule" lockItem="false" />

    Then you could config your web.config's  system.webserver node , add the following configuration.

            <windowsAuthentication enabled="true" />
            <anonymousAuthentication enabled="false" />

    For more information , you could refer to


    For iis, please refer to


    Best regards,

    Ackerly Xu

    Wednesday, January 30, 2019 1:41 AM