IIS Express HTTP Error 401.2 - Unauthorized

Question

I have tried the suggestions in this post but I can not get Windows Authentication working with IIS Express in Vision Studio 2010. Now I get following error:

Here are my applicationhost.config file entries:

...
<add name="WindowsAuthenticationModule" lockItem="false" />
...
<authentication>

    <anonymousAuthentication enabled="true" userName="" />

    <basicAuthentication enabled="false" />

    <clientCertificateMappingAuthentication enabled="false" />

    <digestAuthentication enabled="false" />

    <iisClientCertificateMappingAuthentication enabled="false">
    </iisClientCertificateMappingAuthentication>

    <windowsAuthentication enabled="true" />
</authentication>
...
<sectionGroup name="authentication">
    <section name="anonymousAuthentication" overrideModeDefault="Allow" />
    <section name="basicAuthentication" overrideModeDefault="Allow" />
    <section name="clientCertificateMappingAuthentication" overrideModeDefault="Allow" />
    <section name="digestAuthentication" overrideModeDefault="Allow" />
    <section name="iisClientCertificateMappingAuthentication" overrideModeDefault="Allow" />
    <section name="windowsAuthentication" overrideModeDefault="Allow" />
</sectionGroup>

My web.config:

<system.web>
    <authentication mode="Windows" /> 
</system.web>
<system.webServer>
    <security>
        <authentication>
            <anonymousAuthentication enabled="false" />
            <windowsAuthentication enabled="true" />        
        </authentication>
    </security>
</system.webServer>

This is .NET 4

Answer 1

Make sure you have something like below in your applicationhost.config file

<windowsAuthentication enabled="true">
  <providers>
    <add value="Negotiate" />
    <add value="NTLM" />
   </providers>
</windowsAuthentication>

This file is probably in %HOMEPATH%\Documents\IISExpress\config\

Answer 2

I've had such a problem in VS 2013 with IIS 8.0 Express when I wanted to update Service Reference. A dialog popped up asking for username/password. A strange substring was added to the service url:

_vti_bin/ListData.svc

I started configuring windows authentization as mentioned in some posts in this page in applicationhost.config. Finally, the working configuration can't have Negotiate provider:

<windowsAuthentication enabled="true">
  <providers>
    <!--<add value="Negotiate" />-->
    <add value="NTLM" />
   </providers>
</windowsAuthentication>

And the anonymous authentication must be disabled:

<anonymousAuthentication enabled="false" />
<windowsAuthentication enabled="true" />

Answer 3

Try adding the following to your web.config.

<system.webServer>
    <validation validateIntegratedModeConfiguration="false" />
    <modules runAllManagedModulesForAllRequests="true" />
    <security>
        <authentication>
            <windowsAuthentication enabled="true" />
        </authentication>
    </security>
</system.webServer>