Wondering how to resolve ‘http error 401.3 – unauthorized’ in IIS? We can help you.

This error appears when the user account under which the IIS service runs does not have the required permissions to access and serve web server content.

Here at Bobcares, we handle requests from our customers using Windows servers to fix similar issues as a part of Server Management Services.

Today, let’s see how our Support Engineers fix this.

What causes the error ‘http error 401.3 – unauthorized’ in IIS?

At times while accessing sites users see the error as shown below:

Today, let us see some of the causes for the error.

• Firstly, the user authenticated by the Web server does not have permission to open the file on the file system.
• If the resource is located on a Universal Naming Convention (UNC) share, the authenticated user may not have sufficient share and NTFS permissions, or the permissions on the share may not match the permissions on the physical path.

• The file is encrypted.

How can we resolve the error ‘http error 401.3 – unauthorized’ in IIS?

Today, let us see the steps followed by our Support Techs to resolve the error ‘http error 401.3 – unauthorized’

Verify whether or not Anonymous Authentication is enable.

1. Firstly, open Windows Server Manager and expand the Roles.

2. Then, expand the Web Server (IIS) tree and highlight the Internet Information Services (IIS) Manager.

3. Then, expand the server name and select Webtrends Marketing Lab.

4. Under the IIS section to the right, open Authentication.

5. Finally, verify Anonymous Authentication’s status is set to Enable.

Assuming Anonymous Authentication is Enable and the error message persists, edit the Anonymous Authentication setting.

The default anonymous user identity should be the IUSR account, which should have access to the web server content.

If restrictions on this account prevent it from displaying this content then rights must be assign to enable functionality. Alternatively, selecting the “Set…” button will allow use of a different account, such as the Webtrends service account, though this will also require the same rights as the IUSR account.

An additional option is to select the Application pool identity which uses the Network Service account, but this will also grant anonymous users access to all internal network locations

To assign access rights, add the chosen account to the IIS_IUSRS group under the Local Users and Groups option in the Computer Management console.

To effect the changes made above, Open the IIS Manager. Stop, then restart the IIS Manager (or run “iisreset” from a command line).

Alternative steps that we can try

• Open Windows Explorer and check the ACLs for the file that is being requested. Make sure that the user accessing the Web site is not being explicitly denied access, and that they do have permission to open the file.
• Open Windows Explorer and check the ACLs for the share and the physical path. Ensure that both ACLs allow the user to access the resource.
• Open Windows Explorer and check the encryption properties for the file that is being requested. (This setting is located in the Advanced attribute properties dialog.)

• Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests.

[Need help to fix this windows error? We’d be happy to assist]

Conclusion

Today, we saw the causes and solutions provided for the error ‘http error 401.3 – unauthorized’ in IIS by our Support Techs.