In my previous post I address tightening site security setup practices with the focus of restricting site folder access for new sites on a sweet new W2K3 production server. I tightened folder access too much initially with .htm files loading fine, but every .aspx page generated only the generic runtime error:
There has been an error. If you wish to see the details add a <customErrors mode="Off" /> entry...yadda, yadda, and bite me.
The problem is that I did have a <customErrors mode="Off" /> entry. It was as if the Web.config file was being ignored because ASPNET did not have access to the folder. This was confusing and threw me off my game until I realized it was a permissions issue. I am well accustomed to seeing various “not authorized“ and similar IIS permissions-related errors and fully expected that if the runtime error I received in this situation indeed had to do with permissions that it would have yielded some information to that effect. But it didn't.
There is probably a logical explanation why the runtime couldn't say “not authorized, dufus,“ but I wouldn't know what it would be.