401 - Unauthorized: Access is denied due to invalid credentials. You do not have permission to view this directory or page using the credentials that you supplied. RRS feed

  • Question

  • User532500805 posted

    Receiving this error message after changing IIS and .NET Authorization Rules to only Allow local "Administrators" roles

    OS: Windows Server 2016 running IIS 10

    Our Application Pool is running under an ApplicationPoolIdentity. Anonymous Authentication is enabled and running App Pool identity. ASP.NET impersonation is enabled as well. Windows Authentication is disabled (this is an externally facing website)

    I have added the IIS AppPool\AppPool to the IIS_IUSRS group, Administrator group, and Users group.

    I also granted Full Control ACLs for IIS AppPool\AppPool and the IIS_IUSRS group to the Website path (using icacls "WebsitePath" /grant "IIS AppPool\AppPool:(OI)(CI)(IO)F" /T)

    Still, no luck. just keep getting a 401. running Process Monitor doesn't show any error status or permission issues.  There is nothing in he server event logs.

    What am I missing still??


    Friday, April 2, 2021 3:36 PM

All replies

  • User1535942433 posted

    Hi ELNerdo79,

    As far as I think,you need to change Anonymous user identity from Application pool identity  to Specific User.You could  follow bellow steps:

    1.IIS Manager → Sites → Website

    2.Double click "Authentication"

    3.Select Anonymous Authentication from the Actions panel, select Edit

    4.Select Specific User

    Just like this:


    Best regards,

    Yijing Sun

    Monday, April 5, 2021 5:01 AM