Re: IIS 6 - UNC - 401.1 - Access is denied due to invalid credentials

From: Augustus (
Date: 11/27/03

Date: Thu, 27 Nov 2003 04:16:51 -0800

Got this working now, starting from scratch (don't know
where it was wrong though).

>-----Original Message-----
>Dear David,
> Thank you for trying to help me out, but I'm puzzled
>with your answer. Is my current situation correct (can't
>login with Integrated Windows Authentication through IIS6
>to a protected directory on the NAS Applience), or could
>you give me a hint on what I'm missing (please note that
>delegation is activated).
> i have no idea how to go further from here.
>Thanks again
>>-----Original Message-----
>>Hmm... well, your question is already answered in that
>URL, and no, nothing
>>is wrong with your observed behavior.
>>You are assuming that all authentication can be
>delegated, which is
>>incorrect. Basic Authentication is the ultimate in
>unsafe delegation
>>because it just passes the username and password to the
>server and blindly
>>trusts that the server will do the right thing with it.
>>This posting is provided "AS IS" with no warranties, and
>confers no rights.
>>"augustus" <> wrote
>>1. I have "Integrated Windows authentication" checked for
>>both (local & nas) directories.
>>2. I cannot even view the page as administrator of the
>>domain (same error), so something is really wrong here.
>>3. Yes, I know the RemStorg.asp page you mention out of
>>head (even looked at the Web Cast on this argument)
>>>-----Original Message-----
>>>What authentication type did you enable on the UNC vdir?
>>>401.1 implies that IIS failed to obtain the user token
>>via LogonUser --
>>>usually due to incorrect username/password. If it's
>>anonymous -- check that
>>>the anonymous account is synchronized between the
>>metabase and SAM/AD.
>>>Have you looked at:
>>>This posting is provided "AS IS" with no warranties, and
>>confers no rights.
>>><> wrote in message
>>>Forgot to tell, UNC mapping is used to access the share:
>>>\\nas01\share\web\root\clientname\html indicating no
>>>username nor password, leaving "Always use the
>>>authenticated user's credentials when validating access
>>>the network directory." checked.
>>>The not password protected area is working well, just
>>>password protected directory is not working
>>>(file permissions are the same as the local website)
>>>Any ideas?
>>>thanks in advance,
>>>>-----Original Message-----
>>>>I've setup a Windows 2003 Standard Server as PDC with
>>>>and a NAS (Dell PV 725) with Windows Powered 2000
>>>>A simple website (IUSR read-only, client R/W) with a
>>>>password protected directory for the website statistics
>>>>(no IUSR, client read-only).
>>>>This situation hosted locally on the W2K3 IIS Server
>>>>fine, but results in a problem when is situated on the
>>>>NAS; the client cannot view the protected directory
>>>>through http, username & password are not accepted
>>>>resulting in a "HTTP Error 401.1 - Unauthorized: Access
>>>>denied due to invalid credentials. Internet Information
>>>>Services (IIS)" error.
>>>>FTP access for this user is working fine (R/W to his
>>>>website, read-only for the password protected
>>>>What can be wrong here?