IIS binding limit (401.2 error)
Published Nov 13 2019 10:16 AM 7,797 Views

Windows authentication process can take place on the user-mode (IIS worker process) or kernel-mode (HTTP.SYS). For the kernel-mode, there is a limitation: You can add maximum 64 bindings to your site. If you add 65 or more bindings, IIS displays “401.2 Unauthorized: Logon Failed Due to Server


Configuration with No Authentication” error even though the credentials are correct.

A change for Windows Server 2008 R2 or Windows Server 2012 R2 is not expected for this limitation.



Use user-mode authentication for your application to get around binding limitation of kernel-mode.

Steps to use user-mode authentication instead of kernel-mode:

  1. Open IIS Manager
  2. Click on the website
  3. Go to “Authentication
  4. Select “Advanced Settings
  5. Uncheck “Enable Kernel-mode authentication


Continue with these steps:

  1. Open IIS Manager
  2. Click the website name
  3. Go to “Configuration Editor
  4. Select “system.webServer/security/ authentcation/windowsAuthentication
  5. Set “True” for “useAppPoolCredentials
  6. Set “False” for “useKernelMode
  7. Click “Apply


A discussion about the binding limit on IIS forum.

Version history
Last update:
‎Nov 13 2019 10:17 AM
Updated by: