Description: You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.
The user authenticated by the Web server does not have permission to open the file on the file system.
If the resource is located on a Universal Naming Convention (UNC) share, the authenticated user may not have sufficient share and NTFS permissions, or the permissions on the share may not match the permissions on the physical path.
The file is encrypted.
What you can try:
Open Windows Explorer and check the ACLs for the file that is being requested. Make sure that the user accessing the Web site is not being explicitly denied access, and that they do have permission to open the file.
Open Windows Explorer and check the ACLs for the share and the physical path. Ensure that both ACLs allow the user to access the resource.
Open Windows Explorer and check the encryption properties for the file that is being requested. (This setting is located in the Advanced attribute properties dialog.)
Create a tracing rule to track failed requests for this HTTP status code. For more information about creating a tracing rule for failed requests, click here.
The user trying to access the page was successfully logged on, but the user does not have permission to access the resource. This means the access control list (ACL) for the resource
either does not include the user or explicitly denies the user. Check the ACL for the resource and add the user to the ACL. If the content is located on a share, ensure both NTFS and share permissions allow the user access. It is also possible that the user
is part of a group that is denied access.
1) Make sure that you are not using hidden directories as root of your website.
2) Find out the account that you are using for anonymous access (IUSR by default) and make sure it has read rights on the content directory. You can find out the anonymous account name by right clicking and selecting EDIT the "Anonymous Authentication" field
inside Authentication properties of the website. Over here you can also change the account for anonymous authentication.
On a side note,
Process Monitor is usually great tool to troubleshoot such permission issues.
Process Monitor always seems to do the trick. I just encountered this error under similar circumstances. In my case Network Service was denied to the project folder.
HiSoC8Y
1 Post
problem with directories outside the wwwroot
Feb 26, 2007 07:14 PM|LINK
hi
i tested "Default Web Site", works fine.
but i tried to create a virtual directory, under C:\Users/MyUsername/Documents/Development, but doesnt work.
i gave IIS_IUSRS the permissions on that directory, but still, i get this error when i try to browse in IIS:
======================================================================
HTTP Error 401.3 - Unauthorized
Description: You do not have permission to view this directory or page because of the access control list (ACL) configuration or encryption settings for this resource on the Web server.
Error Code: 0x80070005
Notification: AuthenticateRequest
Module: IIS Web Core
Requested URL: http://localhost:80/dev
Physical Path: C:\Users\HiSoC8Y\Documents\Developments\site\site.com
Logon User: Anonymous
Logon Method: Anonymous
Handler: StaticFile
Most likely causes:
What you can try:
More Information...
The user trying to access the page was successfully logged on, but the user does not have permission to access the resource. This means the access control list (ACL) for the resource either does not include the user or explicitly denies the user. Check the ACL for the resource and add the user to the ACL. If the content is located on a share, ensure both NTFS and share permissions allow the user access. It is also possible that the user is part of a group that is denied access.Microsoft Knowledge Base Articles:
========================================================================
Any help to solve this issue?
Regards,
HiSoC8Y
SharePoint Technologies 2007 Forums
ApurvaJoshi
134 Posts
Microsoft
Re: problem with directories outside the wwwroot
Feb 26, 2007 11:07 PM|LINK
With IIS7 IUSR (Buitin user account) replaces IUSR_MachineName. See following for more details on these accounts.
http://www.iis.net/default.aspx?tabid=2&subtabid=25&i=1026
So,
1) Make sure that you are not using hidden directories as root of your website.
2) Find out the account that you are using for anonymous access (IUSR by default) and make sure it has read rights on the content directory. You can find out the anonymous account name by right clicking and selecting EDIT the "Anonymous Authentication" field inside Authentication properties of the website. Over here you can also change the account for anonymous authentication.
On a side note, Process Monitor is usually great tool to troubleshoot such permission issues.
HTH,
AJ
Tmelo1968
1 Post
Re: problem with directories outside the wwwroot
Sep 22, 2009 02:32 AM|LINK
ananthat
1 Post
Re: problem with directories outside the wwwroot
Nov 01, 2011 06:39 AM|LINK
Grant everyone permission (with read) for wwwroot folder
- Ananth N