Fix:“401 – Unauthorized: Access is denied due to invalid credentials“ on ASP.NET MVC & IIS 7


There are a lot of different reasons for this error message for example the IIS process has no access for the files or the password of the account where the application runs is wrong. All in all: it is a not very clear defined error message. Martin has already written about a very interesting problem a short time ago (he found the Workaround here). The symptoms of the error have been this:

- Error message “401 – Unauthorized: Access is denied due to invalid credentials” from a remote machine

- Nothing special in the IIS Logs

- The site was shown correctly by the Remote Desktop localhost

imageWhat was wrong: If you turn the IIS Manager (IIS Manager -> Error Pages -> Edit Feature Settings) on Detailed Error the side works from outside as well without any kind of error messages. Mh?!

Beside the website was an ASP.NET MVC side but probably the problem would be the same with a regular ASP.NET. The page we want to see was the login page but that doesn’t work.

What about the detailed error settings?

You can change the settings at IIS Manager -> Error Pages and Edit Feature Settings (on the right side). The following is set as Default:


These settings effect that the detail-information’s of an error will be shown to the user if he comes through the localhost. Everyone else will see an unspecific site. At this page you can read more about the process. Most important part:


Now we are going to talk about the symptom: the site was shown correctly by the Remote Desktop localhost

What I recognized much later was that the site was shown correctly on the server but it was redeemed with Http Status 401. The “Response Body” consists of the Login site and because of this I didn’t recognized it before.

Like you can see on the process above: If the errorMode is set on “detailed” the Response Body will be rendered as error message. In my case the response body was the login page.

Why was the Status Code 401?

The main problem was: a “RenderAction()” on the Layout/Masterpage which leaned on an action where authentication was necessary. That’s what provoked the 401 error and for result it puts the login page into the body. Beside I do not know why this didn’t end up in a circle because the login site also uses the Layout.

The solution:

If you receive this kind of error message you have to check up if there is an RenderAction producing an error if there’s something wrong on your login page.

Other advice: Take a look on the Statuscodes of the site with Firebug or anything else.

This advice was from an answer on Stackoverflow asked by a guy with the same problem.

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.

About the author

Written by

Learn more about our team.

  • Bob

    Thank you! This post saved my day.

Recent Posts

  • HowTo: make out Retweet-counter in a random URL

      Twitter offers some interesting functions with the integration of the twitter button – every user can see how often the website has been retweeted and he can do the same with just one click. But of course the whole thing has his price: - The integration of the Twitter JavaScript makes the whole data […]

  • Time-controlled Azure WebJobs – Azure as easy as it get‘s

        While still in development the Azure WebJob SDK offers some cool features for procession and supply of information. A good example is the sample that observes the Azure Queue and processes an item as soon as it spots one.   Scenario: time-controlled activities – without queue and so on My scenario was quite […]

  • image2021-570x194_thumb.png
    HowTo: Create RSS Feeds with ASP.NET MVC

    I’ve already written about how to consume RSS or Atom Feeds with the SyndicationFeed (in German, sry) but todays post is about how to create or publish an own feed. Beside the age of the feed standard and the much defamation from Facebook, Twitter and Google on RSS/Atom I consider this easy to consume API […]

  • image1997-311x194_thumb.png
    How to access an Azure Website with the local IIS Manager

    Since the end of February it is possible to access an Azure Website with the IIS Manager. Although the Azure Management site offers some information there are more details visible at the IIS Manager. For the connection you will need an IIS Manager and the IIS Manager for Remote Administration Extension. It’s also possible to […]

  • image1929-570x143_thumb.png
    Create and validate own Json-Web-Tokens (JWTs)

    If you are interested in web authentication you probably have heard about JSON Web tokens (JWT). What is a JWT? Maybe I’m not using the correct security termination but however: JWTs are used to exchange claims between two systems. For example: You want to log on to a service (like Facebook, Twitter, etc.) and want […]

Support us