SharePointTechnicalSupport

SharePoint Technical Support Blog in SharePoint Online | office 365 | azure

  • Home
  • Home
  • Solutions
    • SharePoint Server
      • SharePoint 2010
      • SharePoint 2013
      • SharePoint 2016
      • SharePoint Online
      • CU Patch Update
    • Project Server
      • Project Server 2010
      • Project Server 2013
      • Project Server 2016
      • Project Server Online
      • CU Patch Update
        • PWA2016
          • DECEMBER
        • PWA2013
      • News Project Server
    • Workflow
      • Nintex
      • SharePoint Designer
    • PowerShell
    • Windows Server
      • IIS
      • DNS
      • Active Directory
      • Windows Server 2016 Networking
    • Cloud
      • Azure
      • Office 365
  • Download
    • SharePoint Tools
    • Patch Update
      • SharePoint Patch
      • Project Server Patch
        • PWA2016
          • December
      • Office Patch
    • White Papers
    • Webinar
    • Presentation
      • SharePoint 2013 PPT
    • Video
  • MSDN Links
    • SharePoint
      • Gallery
      • Wiki
      • Forum
    • Microsoft Tech Community
    • Microsoft Docs
    • Microsoft Learn
    • Roadmap
    • Azure Update
    • SharePoint Fest
    • IIS
    • ProjectServer
      • Forum
    • Powershell Gallery
      • Powershell Forum
    • Microsoft Partner
    • sharepoint best practices
  • Contact Me

Home › Authentication › 403 forbidden error fix

403 forbidden error fix

By Deviprasad Panda on 02/10/2018

403 forbidden error fix

403 forbidden error fix done. Received below error while browsing SharePoint web app.

The website declined to show this webpage
HTTP 403
Most likely causes:
This website requires you to log in
403 forbidden error fix

if we create a copy of the web.config file, rename the web.config file, refresh the home page, we receive an “HTTP 404 – Page Not Found” error.

Rename the web.config file back and refresh the page. The site is browse able for a while before failing after some time, We see the following error in Failed Request Tracing.

403 forbidden error fix

A procmon trace captured while accessing the web app from the server showed the following:

w3wp.exe 4180 CreateFile
C:\inetpub\wwwroot\wss\VirtualDirectories\Web80.Contoso.com80\bin ACCESS DENIED Desired Access: Read Data/List Directory, Synchronize
Disposition: Open
Options: Directory, Synchronous IO Non-Alert
Attributes: n/a
ShareMode: Read, Write, Delete
AllocationSize: n/a
Impersonating: NT AUTHORITY\IUSR

This issue usually occurs when a request from an authenticated user without local admin rights results in a failed read of the /BIN directory by the impersonating w3wp.exe (IIS worker process for ASP.NET) process.This behavior is typically associated with lack of permissions to the temporary folder /BIN where ASP.Net assemblies are Just In Time (JIT) compiled.

Resolution

The solution is to ensure that the Authenticated Users or \Users group (which usually contains DOMAIN\Users group) has Read & Execute, List Folder Contents and Read permissions on the /BIN folder below

C:\inetpub\wwwroot\wss\VirtualDirectories\{Sitename80}

Follow the steps below to grant the required permissions:

  • Open Windows Explorer and navigate to the /bin directory of your web application
  • Right-click on the folder and click on Properties
  • Go to Security tab and click on Edit
  • Click on Add and add the local server group Authenticated Users or \Users (this usually contains DOMAIN\Users group).
  • Select the Read & Execute, List Folder Contents and Read permissions (if you are planning to add Everyone to the /bin folder, grant Read permissions only)
  • Click OK to apply the new settings
  • Refresh the page and we should be able to browse to the site.

More Information

If an administrator accesses the site/feature that caused the error, the subsequent requests from non-administrators would succeed. This behavior is typically associated with lack of permissions to the temporary folder where ASP.Net assemblies are Just In Time compiled.

The freb trace shows a 403.0 for ManagedPipelineHandler

It seems to go through quite a few ASPNet events – but happens during the ASPNetPageRender – it goes to the ASPNetPageRender Enter, then ASPNetHTTPHandler Leave.Only then does it get a 403.0 which is not an official RFC error. The first sub-status for 403 is 403.0.

Application pool in Classic or Integrated mode

Application Pool in Classic Mode – In this case, we can configure a Wildcard mapping for ASPNET_ISAPI.dll at the website level. That would propagate to child virtual directories. That should not need any further modifications at the virtual directory level.

Application Pool in Integrated Mode – In this case, all relevant virtual directories would need individual modifications. They need to be set for specific handler.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Pinterest (Opens in new window)

Related


‹ View all webs and site templates under site collection
shared mailboxes office 365 create ›

Categories: Authentication, Error Code, IIS, Permission, Site, Uncategorized

Tags: 403 forbidden accessing sharepoint site, 403 forbidden bypass, 403 forbidden error fix, ACCESS DENIED Desired Access, bin, bin-folder-permission, bin-permission, how to fix 403 forbidden, http-403, sharepoint 403 forbidden error solved, website declined to show, website requires you to log in

My Book

  • 1 Deviprasad Panda

Follow Me

  • YouTube
  • LinkedIn
  • Facebook
  • Twitter

Category Cloud

administration Authentication Cache content databases Default Health IIS InstallationConfiguration Migration Monitoring Performance Permission powershell powershell command powershell script Search Service Application sharepoint2010 SharePoint 2013 SharePoint 2016 SharePoint 2019 sharepoint server SharePointTools Site site collection Template web application WebPart WebService

Top Posts & Pages

  • create add a content database in sharepoint 2019
    create add a content database in sharepoint 2019
  • move site collection to dedicate content database
    move site collection to dedicate content database
  • Dismount Mount content database in sharepoint 2019 using powershell
    Dismount Mount content database in sharepoint 2019 using powershell
  • Backup restore site collection sharepoint
    Backup restore site collection sharepoint
  • user policy and permission policy level in sharepoint web application
    user policy and permission policy level in sharepoint web application
  • split nintex database in sharepoint
    split nintex database in sharepoint
  • Anonymous access policy in sharepoint web application
    Anonymous access policy in sharepoint web application
  • export import list library sites in sharepoint
    export import list library sites in sharepoint

Follow Blog via Email

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 775 other subscribers

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Contact Me

Bengaluru, India
support@spmcse.com
Everyday : 8 AM - 12 AM IST