I'm looking to figure out why KeePass2 installed on Ubuntu 12.04 Desktop keeps getting error 401 (Unauthorized) when accessing our password protected WebDAV server (hosted on IIS).
Firefox is able to connect using my credentials.
KeePass is not able to connect using the same credentials, produces 401 unauthorized.
Trying to connect with the "Connect to server" option also produces a 401 unauthorized.
I've tried connecting with user@domain, domain\user, user@fqdn.domain, fqdn.domain\user, \user, .\user, user. Firefox worked just fine with the standard 'user' and password method.
2014-04-03 21:31:32 10.xxx.zzz.yyy GET /webdav/ourpasswordfile.kdbx - 80 - 10.xxx.zzz.aaa - - 401 2 5 0
I noticed that Firefox seems to also generate a 401 error, but then the second request generates a log entry with the username.
2014-04-03 21:22:31 10.xxx.zzz.yyy GET /webdav/ourpasswordfile.kdbx - 80 - 10.xxx.zzz.aa Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64;+rv:26.0)+Gecko/20100101+Firefox/26.0 - 401 2 5 1272
2014-04-03 21:22:38 10.xxx.zzz.yyy GET /webdav/ourpasswordfile.kdbx - 80 domain\user 10.xxx.zzz.aaa Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64;+rv:26.0)+Gecko/20100101+Firefox/26.0 - 200 0 0 361
Any idea how I can go about getting our Linux friends connected? Am I missing a setting in IIS, or am I missing something else?
We have a user group that has modify access to the webdav folder, as well as the IIS_IUSRS. The users connecting need to be a part of the first group.
This whole process works fine on Windows machines, domain joined or not.
Best Answer
I'm not sure if this will directly help, since I've implement the server with apache on linux instead of IIS on windows. But I've made the keepass client work via DAV from Windows, Android, and Linux to that server, so I thought I would share what worked for me.
I found the keepass client to be very picky about Basic vs Digest Auth. I ended up having the server provide both on different url prefixes. I found the windows client worked with Basic auth, but the Linux client worked with Digest instead.
From your logs I suspect this next one isn't your problem, but just in case: if you don't have a self signed or otherwise invalid certificate: make sure you enable the options->advanced->"Accept invalid SSL certificates" option.