Application Pool with a domain user account identity


Context

Windows Server 2003 / IIS6
– Virtual Directory running under an application pool with a domain user account identity
– Virtual Directory security is set to Integrated authentication only
– Trying to access this virtual directory from a domain user account (same domain as app pool identity account)

Symptoms
From web server, no pb.
From another machine, domain user is challenged for user name and password and fail in 401. HTTP Error 401.1 – Unauthorized: Access is denied due to invalid credentials

Resolution
Using NTLM only solves the issue
This can be done with the following command (typically from C:\Inetpub\AdminScripts)

cscript adsutil.vbs w3svc/NtAuthenticationProviders “NTLM”

Comments (1)

  1. Anonymous says:

    Hi. when i try and run the Ntauthenticationproviders command it says that its unrecognized. can you please help