Using Windows Authentication with IISExpress


I do a lot of development with websites in Visual Studio 2013 nowadays. I’ve discovered that in order to use IISExpress with Windows Authentication, I had to jump through some hoops. You may find yourself banging your head on the wall trying to get IISExpress to work with Windows auth – so here are few tips for you.

Update your web.config

Make sure your web.config file both enables windows authentication and also denies anonymous authentication. HttpContext.Current.User.Identity.Name will be blank if the app falls through to anonymous authentication. Your config should look something like this:

<authentication mode="Windows" />
    <deny users="?"/>

Error 401.2 Unauthorized

Sometimes, you might get the 401.2 Unauthorized: Logon failed due to server configuration error. If you do, verify that you have permission to view this directory or page based on the credentials you supplied. Also make sure you have the authentication methods enabled on the Web server.

Updating applicationhost.config

You also might find you have to update the IISExpress applicationhost.config file (dont’ worry – I didn’t know it either). This is essentially the file version of the IIS configuration tool, where you can configure the web server itself. Finding the applicationhost.config file can be tricky. It might be in:



%userprofile%\my documents\iisexpress\config\applicationhost.config

Once you find it, update the following lines (paying special attention to enabled=true):

<windowsAuthentication enabled="true">
        <add value="Negotiate" />
        <add value="NTLM" />

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s