KeePass (on Ubuntu) gets 401 Unauthenticated on HTTP IIS WebDAV Share

Question

I'm looking to figure out why KeePass2 installed on Ubuntu 12.04 Desktop keeps getting error 401 (Unauthorized) when accessing our password protected WebDAV server (hosted on IIS).

Firefox is able to connect using my credentials. KeePass is not able to connect using the same credentials, produces 401 unauthorized. Trying to connect with the "Connect to server" option also produces a 401 unauthorized.

I've tried connecting with user@domain, domain\user, user@fqdn.domain, fqdn.domain\user, \user, .\user, user. Firefox worked just fine with the standard 'user' and password method.

2014-04-03 21:31:32 10.xxx.zzz.yyy GET /webdav/ourpasswordfile.kdbx - 80 - 10.xxx.zzz.aaa - - 401 2 5 0

I noticed that Firefox seems to also generate a 401 error, but then the second request generates a log entry with the username.

2014-04-03 21:22:31 10.xxx.zzz.yyy GET /webdav/ourpasswordfile.kdbx - 80 - 10.xxx.zzz.aa Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64;+rv:26.0)+Gecko/20100101+Firefox/26.0 - 401 2 5 1272
2014-04-03 21:22:38 10.xxx.zzz.yyy GET /webdav/ourpasswordfile.kdbx - 80 domain\user 10.xxx.zzz.aaa Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64;+rv:26.0)+Gecko/20100101+Firefox/26.0 - 200 0 0 361

Any idea how I can go about getting our Linux friends connected? Am I missing a setting in IIS, or am I missing something else?

We have a user group that has modify access to the webdav folder, as well as the IIS_IUSRS. The users connecting need to be a part of the first group.

This whole process works fine on Windows machines, domain joined or not.

Answer 1

I'm not sure if this will directly help, since I've implement the server with apache on linux instead of IIS on windows. But I've made the keepass client work via DAV from Windows, Android, and Linux to that server, so I thought I would share what worked for me.

I found the keepass client to be very picky about Basic vs Digest Auth. I ended up having the server provide both on different url prefixes. I found the windows client worked with Basic auth, but the Linux client worked with Digest instead.

From your logs I suspect this next one isn't your problem, but just in case: if you don't have a self signed or otherwise invalid certificate: make sure you enable the options->advanced->"Accept invalid SSL certificates" option.

Answer 2

I know this is old, but I had the same problem and just managed to solve it, so putting this here for posterity :)

On synchronise with URL page, click into advanced and under General section, switch Pre-authenticate from Auto to No.

This resolved it for me anyway!

Answer 3

I faced similar issue - a resource was accessible from Firefox but not from KeePass. However, I was getting 404 in KeyPass. For me, the issue was fixed by updating KeePass and mono to the latest versions.