Microsoft KB Archive/942048

= Error message when you visit a Web site that is hosted on IIS 7.0: &quot;HTTP Error 403.19 - Forbidden&quot; =

Article ID: 942048

Article Last Modified on 9/27/2007

-

APPLIES TO


 * Microsoft Internet Information Services 7.0

-



SYMPTOMS
You have a Web site that is hosted on Internet Information Services (IIS) 7.0. When you visit this Web site in the Web browser, you receive an error message that resembles the following:

Server Error in Application &quot; &quot;

HTTP Error 403.19 - Forbidden

The configured user for this application pool does not have sufficient privileges to run CGI applications.

HRESULT: 0x80070522

Description of HRESULT: A required privilege is not held by the client.



CAUSE
This problem occurs because the identity of the application pool does not have the Replace a process level token user right.



RESOLUTION
To resolve this problem, use one of the following methods.

Method 1
Make sure that the identity of the application pool has the Replace a process level token user right. To do this, follow these steps:
 * 1) Click Start, click Run, type secpol.msc, and then click OK.
 * 2) In the Local Security Policy Microsoft Management Console (MMC) snap-in, expand Local Policies, and then click User Rights Assignment.
 * 3) In the details pane, right-click Replace a process level token.
 * 4) In the Replace a process level token Properties dialog box, click Add User or Group.
 * 5) In the Select Users or Groups dialog box, type the name of the user account, click Check Names to verify the account, and then click OK.

Method 2
Set the value of the Impersonate User property in the CGI settingsto false. To do this, follow these steps.
 * 1) Click Start, click Run, type Inetmgr, and then click OK.

If you are prompted for an administrator password or for confirmation, type the password or click Continue.
 * 1) In IIS Manager, expand  , expand Web Sites, and then click the Web site for which you want to change the CGI setting.
 * 2) Double-click CGI.
 * 3) Under the Security node, change the value of the Impersonate User property to False.

Keywords: kbexpertiseadvanced kbtshoot kbprb KB942048

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.