Stored User Account Preventing Anonymous Access to IIS Using K2.net 2003 with custom user manager application. HTTP Status 401: Unauthorized error occurs.

 Article Contents

 Overview

 Windows XP

 Windows Server 2003



 
Overview
If ADUM is not being used and SQL User Manager or a 3rd party user manager is used to mange user login in conjunction with K2.net 2003 and K2.net Workspace, ensure that you have enabled "Anonymous Access" from within IIS. The "Anonymous User" account has automatic access rights to certain Server Service.
To enable this setting proceed to Administrative Tools from within the Windows Control panel, and open the IIS management console. Right click on your website and then select properties. Select the Directory Security tab and then edit.
Enable Anonymous Access as shown below.

  

Once this setting is enabled and the user attempts to log on to the K2.net® 2003 Workspace using any other user manager other than ADUM (Active Directory User Manager) (with anonymous access selected in IIS) the following error will be encountered "The request failed with HTTP status 401: Unauthorized". The client system attempting to connect to IIS, most likely has a Username and Password for the IIS stored locally.
Note: The Username and Password do not grant the user permissions on IIS to execute Web services on the server. The error occurs as the user is authenticated on the Server but not authorized to execute the web service

  

To repair this error, the Administrator is required to remove any stored usernames and passwords for the server from the client computer. Perform the following steps on the Client workstation.

Back to Top 
 
Windows XP
  • Click "Start>Control Panel"

Classic View:

  

 
Category View:
  
  • Select "User Accounts"
  • From the User Account dialog box, select the User tab
  • Select the active User on the Client computer
 

  

 
  • Select the "Advanced" tab from the dialog box and click the "Manage Passwords" button
 

  

 
  • In the dialog box "Stored User Names and Passwords" that appears, search for the IIS server name in the list and select it
  • Click the "Remove" button

  

  • Close the dialog box
  • Close User Accounts and the Control Panel

Back to Top 
 
Windows Server 2003
In the Control Panel, select and open "Stored User Names and Passwords"
  
  • In the dialog box that appears, search for the IIS server name in the list and select it
  • Click the "Remove" button

  

 
  • Close the dialog box by clicking the "Close" button

Back to Top