Unable to open the Web...You are not authorized to perform the current operation

S

ssg31415926

I'm getting the error: "Unable to open the Web 'http://blah/blahblah'.
You are not authorized to perform the current operation". I have
changed a few things recently but I can't change them back as I need
them. I can't find anything about it using searches.

Yesterday, I removed the "Enable anonymous access" option from my web
(within the Default Web Site). The web has Integrated Windows
authentication checked. The site must check AD group membership so I
need these options set like this. (It runs with a particular AppPool
which uses a network account.)

Immediately afterwards, when I tried to access a page on the site the
User name/Password authentication pane appeared - this wasn't
happening before. A bit of research revealed that a site set up like
this needs an SPN. The server itself had two, one with the netbios
name and one with the fully qualified DNS name. So, I set up two for
the AppPool account. After this, when I tried to access the page, I
didn't get the authentication panel. So far, so good.

However, today I decided to tweak a page, so I went to open up the
site in VS2005 and got the User name/Password authentication pane - I
tried my ID (which is a member of Administrators on the server) and it
didn't work - the pane reappeared. When I clicked cancel I got this
error: "Unable to open the Web 'http://blah'. You are not authorized
to perform the current operation"

Any suggestions?

(The server is 2003 R2, patched to recent.)
 
G

Guest

I'm getting the error: "Unable to open the Web 'http://blah/blahblah'.
You are not authorized to perform the current operation". I have
changed a few things recently but I can't change them back as I need
them. I can't find anything about it using searches.

Yesterday, I removed the "Enable anonymous access" option from my web
(within the Default Web Site). The web has Integrated Windows
authentication checked. The site must check AD group membership so I
need these options set like this. (It runs with a particular AppPool
which uses a network account.)

Immediately afterwards, when I tried to access a page on the site the
User name/Password authentication pane appeared - this wasn't
happening before. A bit of research revealed that a site set up like
this needs an SPN. The server itself had two, one with the netbios
name and one with the fully qualified DNS name. So, I set up two for
the AppPool account. After this, when I tried to access the page, I
didn't get the authentication panel. So far, so good.

However, today I decided to tweak a page, so I went to open up the
site in VS2005 and got the User name/Password authentication pane - I
tried my ID (which is a member of Administrators on the server) and it
didn't work - the pane reappeared. When I clicked cancel I got this
error: "Unable to open the Web 'http://blah'. You are not authorized
to perform the current operation"

Any suggestions?

(The server is 2003 R2, patched to recent.)
Click to expand...

What permissions do you have on the directory where the website is
located?
 
S

ssg31415926

My account is a member of local Administrators on the server (one of
many things I had to do to get remote debugging working). It has Full
Control over the folder. I've checked the individual files and the
Full Control permissions are inherited. I can access the pages using
a browser, I just can't edit the site.

I did have a Kerberos problem for a while but resetting the server's
SPN seems to have fixed it - at least, there are now no error messages
in the event log on restarting the server.
 
S

ssg31415926

It's definitely to do with the SPNs: I deleted the two SPNs I added
the other day and the problem reverted back to the original: IE asked
for credentials but refused to accept them, VS2005 didn't ask for
creds and successfully accessed the site.

Then I added back the SPN (using SETSPN -A http/fqdn.of.server
NetBIOSDomainName\AccountName) and the problem swapped back: IE didn't
ask for creds and successfully accessed the site, VS2005 asked for
credentials but refused to accept them.

So, it's something to do with the Service Principal Name, but what?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

The Application attempted to perform an operation not allowed 1
Trying to access hdml from an open browser using Python. 1
You are not authorized to view this page 4
401 Not Authorized error when trying to authenticate XML web service 0
The Application attempted to perform an operation not allowed 0
You are not authorized to view this page - II 6.0/Windows 2003 0
not authorized message when accessing web server 3
"You are not authorized to view this page" ??? 1

Members online

No members online now.
Total: 63 (members: 1, guests: 62)
Robots: 492

Forum statistics

Threads
473,969
Messages
2,570,161
Members
46,710
Latest member
bernietqt

Latest Threads

Top