The information in this article applies to:
SUMMARYImproper modification of Microsoft Windows NT file system (NTFS) permissions may create an environment where browser clients fail when attempting to access the Microsoft Internet Information Server (IIS) publication services. MORE INFORMATION
Microsoft Windows NT version 4.0 installs on a new NTFS partition with
change permission for the group Everyone. Improper NTFS access permissions
involving other Windows NT accounts such as System, Network, Interactive,
and IUSR_ComputerName may affect the operation of IIS. Most of these
improperly defined permissions result in a browser client receiving an HTTP
response of 401 Access Denied.
The web master calls Microsoft Product Support, describing an issue in which no one can access his or her IIS server from a WWW client browser. A sniffer trace shows that all of the client browsers receive a 401 Access Denied error message in the HTTP response. The problem is the NTFS permissions. The Web master has allowed the IIS anonymous user account IUSR_ComputerName full access, but the web master has also explicitly denied the group Everyone. The IUSR_ComputerName account belongs to the group Everyone. An explicit deny always takes precedence over an allow, therefore no browser client can access the IIS server. Before contacting Microsoft Product Support Services, customers are encouraged to check the NTFS permissions to verify that any modified access permission is not the cause of improper IIS functionality. For more information on issues related to NTFS permission, please see the following articles in the Microsoft Knowledge Base: Q109076 : Removing Permissions to an NTFS Partition May Prevent Startup Additional query words: prodiis
Keywords : kbnetwork iisconfig iissetup |
Last Reviewed: April 27, 1999 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |