Friday, July 30, 2010

SOLVED: Cannot Authenticate to IIS Locally using a DNS Name

I worked on a support issue the other day that was really strange and I had a tough time finding the answer even though there are two Microsoft articles that discuss the issue. Here is what was happening:

One of our developers was testing an application on a web server and set it up to only allow Integrated Authentication. He could log onto the site when he was on another computer, but could not log onto the website when he was on the web server itself. He could not log on if he was local, but he could if he was not local.

On the local machine, he would get prompted for log on and enter the user name and password a few times before getting the following error:

"HTTP 401.1 - Unauthorized: Logon Failed"

My first few searches to see if anyone else had this problem returned a bunch of irrelevent articles about people that had issues where they could log on locally, but could not log on from outside machines. I learned I was able to log onto the local web server if I used the IP address or the computer name, but was only unsuccessful if I used a DNS name.

I finally got lucky with one of my searches and came accross these two MS articles:

Article 1
Article 2

Article 1 explains two methods for solving the issue. Article 2 explains why you should use method 1 instead of method 2. Beware, article 1 says you only need to restart the IIS Admin service after you modify the registry. This is not correct. You need to reboot the server.