We are running ColdFusion 9 on IIS 7.5.
Our intranet website uses Windows Authentication with the Negotiate provider.
We have set up an Active Directory user group (Web Developers) and assigned the permissions to the web source directory.
Everything works fine for one particular user group.
We created a new group (General Staff) and assigned the permissions to the source directory.
After restarting all of the services involved we end up with 401.3 errors which are Authenticated but Access is denied errors.
The error happens with html as well as cfm files.
To verify access, I browsed the unc path in windows explorer. All worked well.
Are there permissions other than the actual source directory that need to be set to get past the access is denied errors?
Does ColdFusion run even if the request is an html file?
Assigning read permissions on the ColdFusion9\runtime\lib\wsconfig directory to the group in question allows the requests to proceed.