Thursday, September 17, 2009

SharePoint Server Disable LoopbackCheck

This is a scenario I have come across a few times now, especially working on Windows Server 2008 boxes. It seems that this is a security fix that Microsoft introduced since Windows Server 2003 SP1. Basically what it fixes (breaks in SharePoint) is explained below.

1. You create a Web application in SharePoint that uses a host header that you intend to make available to end users. Lets say http(s)://

2. You can browse to this URL file from the other machines or over the Web.

3. You remote into the server to make some changes - and you decide to open a browser and type in the address. You usually get asked to login multiple times and after three tries it will usually show you a blank screen with a 401.1 access denied error. Note that this only happens when you are trying to access the website on the same server as you are logged into.

Enter the DisableLoopBackCheck setting in the Registry. Spencer Harbar wrote up a great article about the same that I ran across as I was writing this post, so I will just pass you on to his splendid explanation and resolution of this problem here.

No comments: