IIS 7 and Above
Anonymous Authentication not working in IIS 10
Last post Nov 30, 2017 07:42 AM by Yuk Ding
Nov 28, 2017 02:55 PM|chhaya.rohra|LINK
I am working on a web application that has a requirement to do on-demand virus scanning on the uploaded file. To access the Virus scanning exe requires special user right, to do that I am enabling Anonymous Authentication for a page. This thing is working
fine in IIS 7 but when I tried to do same in IIS 10 web server, It is throwing 401 2 5 324 error code in IIS log file.
When I set my application pool to run under admin user it works fine. But when I tried with Anonymous authentication for a page it didn't work.
Kindly suggest the possible solution.
Nov 28, 2017 04:50 PM|lextm|LINK
Anonymous authentication is not just a check box. You need to set other settings like the article indicates.
Nov 29, 2017 06:58 AM|Yuk Ding|LINK
Could you explain where did you set the application pool admin user? Did you set it in IIS-> application pool-> advanced setting?
The 401.2 always means the error for authentication configuration. Just ensure you have enabled the anonymous authentication in IIS manager->site node->authentications->anonymous authentication->enable and click edit...->ensure the specific user is IUSR.
Then you need to grant IUSER enough permission to the fire that is required to be accessed.
Secondly, authentication user and application pool identity is quite different managed account. So for asp.net application, you also need to grant the application pool identity for example "IIS Apppool\DefaultAppPool（IIS Appool\app pool name)" the permission
to access the file especially when you were running the file outside the root path of your web application or virtual directory.
If you know how to use process monitor, it could also help you fix the permission issue in the worker process w3wp.exe.
Nov 29, 2017 07:22 AM|chhaya.rohra|LINK
I have enable Anonymous Authentication and set Specific User value to user having admin rights. Also I have enable ASP.Net Impersonation where Authenticated User radio button is selected.
I have set these setting for Aspx file and its dll file in bin directory. Do I need to set anything else at website level?
I want only specific page to be executed with admin user rights and rest of the pages should execute with Application Pool Identity user.
Nov 29, 2017 08:57 AM|Yuk Ding|LINK
I think all the application will use the same application pool identity. If you need to grant permission for specific page, you need to create a sub-application with only one page and set it to a dedicated application pool with admin account.
Or you could only use asp.net impersonate for specific page.
For IIS authenticated user, you only need to go to IIS manager-> site node->content view->select your file->switch to feature view->authentication->anonymous enable->edit->specific user to your admin account.
Nov 29, 2017 09:12 AM|chhaya.rohra|LINK
I have done the same thing as you mentioned to use IIS authenticated User for a specific page. But it is not working in IIS 10. The same thing worked on IIS 7.0.
Nov 29, 2017 04:22 PM|lextm|LINK
It is a little bit weird. Have you enabled anonymous authentication role service or feature when installing IIS?
Nov 30, 2017 07:42 AM|Yuk Ding|LINK
I met the same issue on my side when I try to set the authentication for specific page. But not sure why. Then I just removed the folder and create a new one. Then set the anonymous authentication again. Then it start working. Just try to remove the legacy
authentication configuration for the page in web.config and try again. In addition, just remember to clean the browser cache and recycle the application pool when you finish setting this.