PRB: 401 Error message if user is not included in the Bypass Traversal Checking policy (324333)
The information in this article applies to:
- Microsoft Internet Information Server 4.0
- Microsoft Internet Information Services 5.0
- Microsoft Internet Information Services version 5.1
- Microsoft Internet Information Services version 6.0
This article was previously published under Q324333 We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site: SYMPTOMS When you connect to any page on an Internet Information
Services (IIS) Web site, you may receive the following error message:
401.3 Unauthorized due to ACL on resource
CAUSE This can occur if the account that is trying to access
resources on the server does not have enough NTFS file system permissions on
the resource. RESOLUTION Do not remove the Everyone group from the Bypass Traverse
Checking policy. If the Everyone group must be removed from the policy for
security reasons, make sure that the IUSR account is listed in the policy.
STATUSThis
behavior is by design.REFERENCES
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
812614
Default permissions and user rights for IIS 6.0
271071 How to set required NTFS permissions and user rights for an IIS 5.0 Web server
187506 Required NTFS permissions and user rights for IIS 4.0
| Modification Type: | Major | Last Reviewed: | 11/17/2005 |
|---|
| Keywords: | kbprb KB324333 kbAudDeveloper |
|---|
|