My DC is a SBS2003, my IIS is a Win Server 08 Std. I am hosting a website on the IIS 7 server which uses integrated AD logon for auth. When I started hosting the site I added the correct local DNS entries (pointing the site to the local IP rather than it going out to find the pub IP). Tested with nslookup, does bring up the correct IP.
When I hit the website from any computer on the LAN it brings up the logon box (which is what I want to happen) and once I enter any user/pass from AD it successfully passes the logon info and the site appears (works perfectly, from any computer, including the DC, all Win XP comp, all Win Vista/7 comp).
However when browsing to the same exact site on the IIS server itself, it brings up the same logon box, but then when user/pass credentials are entered and click ok, the logon box immediately comes back up and the site does not appear. After clicking ok (with good, valid, not-locked out) credentials entered, it brings up a "HTTP Error 401.1 - Unauthorized".
The HTTP error 401 page lists the following "most likely causes:"
"•The username supplied to IIS is invalid.
•The password supplied to IIS was not typed correctly.
•Incorrect credentials were cached by the browser.
•IIS could not verify the identity of the username and password provided.
•The resource is configured for Anonymous authentication, but the configured anonymous account either has an invalid password or was disabled.
•The server is configured to deny login privileges to the authenticating user or the group in which the user is a member.
•Invalid Kerberos configuration may be the cause if all of the following are true:
¿Integrated authentication was used.
¿the application pool identity is a custom account.
¿the server is a member of a domain.
of which the only reason I could possibly see as being true is the last one "invalid kerberos configuration". Has anyone noticed / run into this before?