Solved

Cannot Login to Website Remoted Into the Same Server

Posted on 2008-10-29
1
296 Views
Last Modified: 2013-12-24
I have a site hosted on a Windows Server 2003 SP1 machine in IIS 6.  I can access the site by the domain from an external machine but I cannot authenticate with the site from within the same server by the domain.  I can browse to the site RDP'd into it via it's domain name but no authentication to Active Directory is working.  When I connect the same way (to the site on the hosting server) via the IP address I CAN authenticate with AD and everything works fine.

To rehash:
I can not authenticate to a domain name within the hosted server.  I can authenticate with the IP address within the hosted server.  An external machine can authenticate with the domain name and the IP address.

I have a DTSearch index spider running on the same machine as the website that needs to authenticate via Active Directory to crawl the website by domain.  The problem is that the scheduler cannot crawl the website because it gets a 401.1 error.

I have seen this problem before and we fixed it but for the life of us we can't remember what we did.  I know we found a Microsoft KB article on it but we could not find that again either.

Thanks for your help,
Dirk
0
Comment
Question by:dirq
1 Comment
 
LVL 1

Accepted Solution

by:
dirq earned 0 total points
ID: 22832671
We found the answer.  When we looked in the event log there are some weird characters in the Logon Process element for the Security event log.  The fix requires a registry edit and a restart.

You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6

http://support.microsoft.com/kb/896861

CAUSE
This issue occurs if you install Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 Service Pack 1 (SP1). Windows XP SP2 and Windows Server 2003 SP1 include a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

CCModeler offers a way to enter basic information like entities, attributes and relationships and export them as yEd or erviz diagram. It also can import existing Access or SQL Server tables with relationships.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now