The Good, the Bad, and the Loopback Check

My development team has been faced with a recuring problem every now and then, and every time we go and spend precious time trying to troubleshoot it. This morning, I finally decided to go ahead and put a post on my blog about it, so that hopefully I will eventually remember to always perform these steps when troubleshooting an error.

Here’s the problem, when changing the default SharePoint’s Application Pool to run under a domain user, users can no longer access their environment by typing in the computer’s name, SharePoint just keeps prompting them to enter a username password. However accessing it using localhost works like a charm.

Ex:

http://localhost/Default.aspx –> Works
http://spnik/Default.aspx –> Keeps prompting for credentials

This problem is cause by a nasty thing in SharePoint called the Loopback Check. The feature was introduced in Windows Server 2003 SP1 as a security mechanism, to prevent connection to a web application using the Fully Qualified Domain Name (FQDN). This so called feature is also included in Windows Server 2008.

If your SharePoint environment is an internet facing one, I wouldn’t recommend simply shutting down this feature. However, if your are using it as an intranet, or like in our case, as a development platform, then you probably want this feature turned off. In order for you to achieve this, you’ll have to tweak the registry a bit:

1 – Run regedit
2 – Go to Key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

3 – In this registry key, create a new dword entry named “DisableLoopbackCheck
4 – Double click the newly created entry, and set its value to 1
5 – Restart your computer and voilà!

Hopefully this will save you and your time some valuable hours debugging your environment.​

Microsoft Premier Field Engineer - SharePoint

Leave a Comment

Your email address will not be published. Required fields are marked *

*
*