I have a clean Windows 2008 R2 box (on a VM) and have installed IIS 7.5 with default options. I then copied a website to it (from Windows 7, IIS 7) and after a little tweaking the website is working fine.
The website is currently using and working with Anonymous Authentication.
I have gone back to the Windows Components/Sever Manager, Roles -> Security and ticked and installed Windows Authentication.
When I check my server in IIS (top level above sites) -> Authentication, I see
Anonymous Authentication (enabled)
ASP.NET Impersonation (disabled)
Forms Authentication (disbaled)
Windows Authentication (enabled)
When I check my default website -> Authentication, I see as above but "Retrieving status" and an error dialog saying
There was an error while performing this operation. Details: Filename c:\inetpub\wwwroot\screwturnwiki\web.config Line number: 96 Error: This configuration section cannot be used in this path. This happens when the section is being locked at the parent level. Locking is either by default (overriderModeDefault="Deny"), or set explicity by a location tag with overrideMode="Deny" or the legacy allowOverride="False". I have tried hand editing the web.config with no success. (How to use locking in IIS7 Configuration)
UN-installing Windows Authentication happily returns my site to working with Anonymous Authentication, and allows me to enable/disable these three options.
FYI. I am using ScrewTurnWiki with the Active Directory plug in. It all works fine under Windows 7 IIS 7 locally (has been for months)
Web.Config
<system.webServer> (edit) <handlers> ( deleted removes/adds ) </handlers> <security> <authentication> 96: <windowsAuthentication enabled="true" useKernelMode="true"> <extendedProtection tokenChecking="Allow" /> <providers> <clear /> <add value="NTLM" /> <add value="Negotiate" /> </providers> </windowsAuthentication> </authentication> </security> 