Thursday, June 18, 2009

Unable to browse sharepoint from within the server itself

If you ever have problem browsing your SharePoint portal from within the WFEs itself, and running on Windows Server 2003 SP1 or above, it could be due to a loopback check security. I noticed that this does not happen to site that does not use host header (e.g. does not happen to http://servername:port, but happen to http://host.header.name.com/).

Take a look at http://support.microsoft.com/kb/896861. By modifying some registry, you can either exclude your specific URL from this security check, or disable the feature. The following is a direct copy from the KB article for reference.

Method 1: Specify host names

Note We recommend that you use this method. To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

3. Right-click MSV1_0, point to New, and then click Multi-String Value.

4. Type BackConnectionHostNames, and then press ENTER.

5. Right-click BackConnectionHostNames, and then click Modify.

6. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.

7. Quit Registry Editor, and then restart the IISAdmin service.

Method 2: Disable the loopback check

Follow these steps:

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

3. Right-click Lsa, point to New, and then click DWORD Value.

4. Type DisableLoopbackCheck, and then press ENTER.

5. Right-click DisableLoopbackCheck, and then click Modify.

6. In the Value data box, type 1, and then click OK.

7. Quit Registry Editor, and then restart your computer.

No comments: