Getting error "403 - Forbidden: Access is denied" on browser when user is NOT administrator

Question

We have an intranet web application (ASP.net/IIS) that was working fine on Windows Server 2008, we recently migrated to Windows Server 2019 and it works fine in development and test environments.

The application was deployed to a production server and in this case when we try to access the URL from a browser (Windows 10 station) it shows the error: "403 - Forbidden: Access is denied" on Google Chrome and Internet Explorer, this happens every time unless the Windows user is an administrator or the browser is started as an administrator.

I have searched for this situation but even though 403 error is common and there are many articles about how to solve it, none of them is related to the permissions of the client user. We already checked the certificate (for https/SSL) and the IIS SSL options, the IIS log shows the 403 error but nothing more useful.

What can be the cause of this? What should we check on the Server or Station?

Thanks,

Johann

Answer 1

Just in case it helps someone else, I found that this error was due to a missing web.config file.

I have a Blazor Server app and just copied the contents of my bin/debug folder into my iis hosting folder. However, this output doesn't include web.config.

I spent a lot of time looking at permissions on my hosting folder, but all I needed was to formally publish the app, which generates the web.config file and everything now works as it should