IIS binding limit (401.2 error)

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

Windows authentication process can take place on the user-mode (IIS worker process) or kernel-mode (HTTP.SYS). For the kernel-mode, there is a limitation: You can add maximum 64 bindings to your site. If you add 65 or more bindings, IIS displays “401.2 Unauthorized: Logon Failed Due to Server

 

Configuration with No Authentication” error even though the credentials are correct.

A change for Windows Server 2008 R2 or Windows Server 2012 R2 is not expected for this limitation.

 

Workaround

Use user-mode authentication for your application to get around binding limitation of kernel-mode.

Steps to use user-mode authentication instead of kernel-mode:

  1. Open IIS Manager
  2. Click on the website
  3. Go to “Authentication
  4. Select “Advanced Settings
  5. Uncheck “Enable Kernel-mode authentication

clipboard_image_0.jpeg

Continue with these steps:

  1. Open IIS Manager
  2. Click the website name
  3. Go to “Configuration Editor
  4. Select “system.webServer/security/ authentcation/windowsAuthentication
  5. Set “True” for “useAppPoolCredentials
  6. Set “False” for “useKernelMode
  7. Click “Apply

clipboard_image_1.jpeg

A discussion about the binding limit on IIS forum.

REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.