This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 1%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Hey there,
I have a trouble where I can't connect myself from a "user" computer to my intranet SharePoint.
So I've created a web application from "admin" computer A, that host my SP2016 Vms. I have no trouble to create a Web app, and can even create and connect to a site collection.
However, when I switch to a "user" computer B, I cannot connect to the Web app, despite using any login.
So I've checked my authentification on the IIS, and noticed that Anonynous Auth, ASP .NET impersonation, Form auth and Windows auth were enabled. Which is quite weird, since I didn't check the Form or Anonymous cases (and they aren't checked in my web app option panel via SP2016). So I disabled both of them, but I still get a error 401 from Firefox on computer B.
Please note that there's no proxy or firewall between my 2 computer, but there're not on the same VLAN. My domain is hosted on another computer C, computer A only host SP2016 and MSSQL. My web app is the "default" one on port 80, same for the authentification parameters (NTLM, but Kerebos doesn't work also)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(297.6, 88%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHM%3C/text%3E%3C/svg%3E)
Hi @Marth83 , may I know if there is any detail error message apart from 401 error ? And may I know the difference between admin computer A and user computer B ?
Hi there,
I don't have a specific error, except "the connexion was reset" from Internet Explorer.
I tried to open the Web app to anonymous connexion, and it works : I can surf and use my web app without being connected. But when I try to sign-in, after entering my ID, the connexion is reset.
I saw that my GPO doesn't allow basic and digest authentification. Negociate authentification is also disabled, but Kerberos is enable.
Computer A is the admin of the domain, while computer B is just a random user. There's a firewall between the 2 computers (but everything is currently opened).
When I try to connect from another admin computer, but not located on the same server, it also doesn't work (same error) : in fact, I have 2 servers with multiple VMs : one is for the AD, the other one for SP2016. So I can ping "SharePoint" from the AD, but I can't authentificate on the Web app.
I tried to run the policy assistant to see if all the policies are applied, and they were in fact applied to my SP2016 server.
However, I still have 1 error for a "certificate validation that exceed the execution time threshold".
Hopefully this will help,
Marth83
Could you please try to enable "Anonymous Authentication" and right click "Anonymous Authentication" then "Edit". And then click "Set" and input username and password for your computer B.
Hey there, I finally found the solution.
The firewall was disabled, but its "app protection" was still running. Since SharePoint was in http, the firewall detected the connexion as a HTTP buffer overload. Since it can be the sign of an intrusion by a cybercriminal, the firewall blocked the connexion.
So I just moved to https, and now everything is working perfectly.
Thanks a lot for your help!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(256, 90%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Hi, if the posted answer resolves your question, please mark it as the answer by clicking the check mark. Doing so helps others find answers to their questions.
Summarize from the comments for other communities reference.
The issue was caused by "app protection".
To solve it, just move to https and it can work fine.