KB: HTTP401 error when using FQDN / custom host header to access IIS Virtual Server instead of local server name

Problem: Windows Server 2003 SP1 or later includes the Loopback Check security feature which blocks authentication if the FQDN or custom host header does not match the local server name.

Symptoms in SharePoint:

  • Get password prompt for 3 times and eventually authentication failure when accessing sites with FQDN / custom host header. But no problem when using local server name.
  • InfoPath Form Services data connection error 5566 when connecting SharePoint web services with FQDN / custom host header. But no problem when using local server name.

Resolution: http://support.microsoft.com/kb/896861 

Method 1: Specify host names (Preferred method if NTLM authentication is desired)

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

  1. Set the DisableStrictNameChecking registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:

    281308 (http://support.microsoft.com/kb/281308/ ) Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name

  2. Click Start, click Run, type regedit, and then click OK.
  3. In Registry Editor, locate and then click the following registry key:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

  4. Right-click MSV1_0, point to New, and then click Multi-String Value.
  5. Type BackConnectionHostNames, and then press ENTER.
  6. Right-click BackConnectionHostNames, and then click Modify.
  7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  8. Quit Registry Editor, and then restart the IISAdmin service.
Advertisements

KB: Read these Microsoft KBs before deploying Document Libraries with deep folders / long names

http://support.microsoft.com/kb/329919 – Cannot open a Web folder document that is located on a Microsoft SharePoint Portal Server 2003-based server

http://support.microsoft.com/default.aspx?scid=kb;EN-US;326039 – Error message when you open a Office file that has a long folder name

http://support.microsoft.com/default.aspx?scid=kb;EN-US;910365 – You receive an error message when you try to open a Web site as a Web folder in Microsoft Internet Explorer 6

http://support.microsoft.com/default.aspx?scid=kb;EN-US;894630 – You receive a "The specified file or folder name is too long" error message when you create a new folder or a new document in a document library in SharePoint Portal Server or in Windows SharePoint Services

http://support.microsoft.com/default.aspx?scid=kb;EN-US;923906 – When you try to open a folder in a Windows SharePoint Services 3.0 document library in Explorer View, the folder does not open