Access to console remotely throws a 401 Unauthorized error - 401.1 error

Article:TECH160741  |  Created: 2011-05-24  |  Updated: 2013-01-28  |  Article URL
Article Type
Technical Solution



Accessing the console remotely causes 401 Unauthorized error page. IIS logs show 401 1 (401.1) error.

Windows Security event logs show successful authentication from remote IP

Other problem could be:

Continually prompted for credentials when trying to get into the console.  This happens both at the server and from a remote console.


Symantec Management  Platform 7.1
Windows Server 2008 R2


Windows Authentication does not seem to properly function between IIS and Windows.

This seems to be an issue caused by IIS settings to use kernel mode authentication.


Disable the kernel mode authentication for Windows Authentication on the Altiris website.

  • Start the IIS manager and go into Sites > Default Web Wise > Altiris
  • On the /Altiris Home configuration page, pick IIS >  Authentication
  • On the Authentication page select  "Advanced Settings..." for "Windows Authentication"
  •  On the Advanced Settings dialog disable (uncheck) "Enable  Kernel-mode Authentication"
  • Run iisreset (with elevated privileges) and connections should now authenticate properly from remote locations/computers to the console

Note! Turning off kernel mode authentication will break IT Analytics.  Microsoft KB offers two workarounds to this problem -  "disable Pre-Authentication in Internet Explorer, or turn off Kernel Mode Authentication for the IIS Web application".

To "disable Pre-Authentication in Internet Explorer" add the following registry value to the computer that you are opening the console on: 

HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Internet Settings/

Value Name: DisableNTLMPreAuth
Data Type: REG_DWORD
Value: 1

Article URL

Terms of use for this information are found in Legal Notices