Normally when setting up IIS 7, I'm used to allowing permissions to user IIS APPPOOL\{application pool name} on the root folder of my web application(s). I also give permissions to IUSR (or the IIS_IUSRS user group. (Note, in Windows Server 2008, I found that IUSR isn't in that group by default, so I added it).
In Windows Server 2008, I cannot find user IIS APPPOOL\{application pool name} under Security under the Windows Folder Properties. I'm using Windows Authentication in ASP.NET. I'm receiving a 401.1 on the page in Internet Explorer 8 after getting the authentication prompt. Mozilla Firefox also gave me a Windows authentication prompt, and got me into the site fine. Same with Google Chrome.
How can I solve this one?
HTTP Error 401.1 – Unauthorized
You do not have permission to view this directory or page using the credentials that you supplied.
Specific page information:
Module: WindowsAuthenticationModule
Notification: AuthenticateRequest
Handler: PageHandlerFactory-ISAPI-4.0_32bit
Error Code: 0x8009030e
Requested URL: http://.....aspx
Physical Path: C:\.........aspx
Logon Method: Not yet determined
Logon User: Not yet determined
Best Answer
This is most likely because IE will use your authenticated credentials rather than the anonymous user account. If your authenticated user doesn't have access then it will fail. One solution is to add your authenticated user to the site's root folder. With IE your credentials that you're using on the network will pass through to the site, but with the other browsers it will ask for a fresh set of credentials.
Your link in the 3rd comment sounds like a good lead. Did you try turning off Negotiate and seeing what happens? Changing the trusted and intranet zones in the 4th link is a good idea too.
btw, In Windows Server 2008 the IIS_IUSRS is taken care of virtually on the fly, so adding IUSRS doesn't hurt anything, but it's not needed either.