The Web Application Project is configured to use IIS. Unable to access the IIS metabase. You do not have sufficient privilege to access IIS web sites on your machine.

Possibly save 1 hour of your time: After upgrading my work machine to Windows 10 Anniversary update, I cannot load my web application project. In my situation, I am not running as administrator.

  1. You can run Visual Studio as administrator, and the project should load fine.
  2. In my situation I don’t want to run as administrator, then you will have to go to %systemroot%\System32\inetsrv\config (i.e. %systemroot% for me is c:/windows). It will ask you to prompt in your administrator login. Do that. Once you have accessed to that folder, now you can go back to your Visual Studio and try loading that project again. You may need to restart Visual Studio. It works for me subsequently after.

IIS 10: Web Apps, Security & Maintenance (IT Pro Solutions)


Turn on https with SSL self signed certificate on local IIS environment

Possibly save 1 hour of your time: There are times when you have to set up your website during development to use https. Please see a reason from my previous article Chrome requires https for input text fields.

Create self signed certificate

  • Under IIS > select main instance > select Server Certificates in the middle pane
  • Right click and choose Create Self-Signed Certificate…
  • Enter friendly name for the certificate.



Bind your site to the self signed certificate

  • Under IIS > Sites > select your website > on the right pane Actions select Bindings
  • On Site Bindings window > click Add
  • Add Site Binding


That is it. You should be able to hit https on your website. You will still get unsecure message from the browser as it is not a real certificate.

IIS 10: Essentials for Administration (IT Pro Solutions)

Windows Authentication – user cannot login

Possibly save 2 hours of your time: When your new application uses windows authentication, typically you will authorize against a specific windows security group. Once you launch your application and users are starting to access this website, but they try to login with their windows credentials but still have no access.

First, go to the website on IIS, right click on the website and choose Edit Permissions. Then go to Security tab and click on Edit. Then Add the windows security group with the Read permission and any other required permissions.

Second, you can get them to logout of their windows machine and then log back in.

Third, if that doesn’t work, then you can send them the following instructions and have them check if they are part of an assigned windows security group.

  • Run command prompt
  • Type: GPRESULT /R > gp.txt
  • Type: notepad gp.txt
  • Search for windows groupname in the txt file

On Windows 10, use the following command instead:

  • Type: GPRESULT /USER username /V > gp.txt
  • Type: notepad gp.txt

IIS 10: Web Apps, Security & Maintenance (IT Pro Solutions)

Clear web application server cache

Possibly save 2 hours of your time: Most applications have cached data. When business updates reference data or some cached data, one needs to clear the cache directly so that the cache can be refreshed. There are multiple ways on how to clear the web server cache.

One way is to recycle application pool for that website. When application pool starts again, the cache has been cleared.

  • Open Internet Information Services (IIS), under the server connection click on Application Pools. Then you will see the list of application pools. Find the one that is assigned to your application. Then right click on the application pool and choose Recycle.
  • There are ways to use Microsoft.Web.Administration.ServerManager.ApplicationPools.Recycle() to recycle the application pools; however this requires an elevated IIS administrator rights. So this is not considered since the target user are business administrators.

Second way is to drop an app_offline.htm file. And then remove it right after. This file will put the application offline and you can customize this file with your company logo embedded as svg image (see bullet point).  This is usually used during maintenance. This file triggers application pool for this website to stop and then when this file is removed, the application pool will start with previous cache cleared. Your application will handle the refresh of the cache when it has been cleared. See below for this code.

  • background: url(data:image/svg+xml;base64,[…image binary goes here…])

Third way is an application specific solution in which the application will provide the ability to clear the cache.

For local development, run iisreset on command prompt will recycle all application pools.

public Exception RestartApplicationViaOffline(string offlineFile, string targetLocation)
Exception exception = null;
var appOffline = “app_offline.htm”;
if (string.IsNullOrEmpty(offlineFile))
throw new Exception($”app_offline.htm [actionId] is not valid at {offlineFile}.”);

if (!offlineFile.EndsWith(appOffline))
offlineFile = Path.Combine(offlineFile, appOffline);

if (string.IsNullOrEmpty(targetLocation))
throw new Exception($”app_offline target folder [target] is not found at {targetLocation}.”);

if (!targetLocation.EndsWith(appOffline))
targetLocation = Path.Combine(targetLocation, appOffline);

// Will overwrite if the destination file already exists.
File.Copy(offlineFile, targetLocation, true);


catch (Exception ex)
exception = ex;

return exception;

Technology stack:

  • Windows Server 2012 R2
  • Internet Information Services (IIS Version 8.5.9600.16384)

IIS 10: Web Apps, Security & Maintenance (IT Pro Solutions)