401 Unauthorized Browsing Site From Local IIS Instance

I spent waaaaay way way way too long fighting this one, so I’m saving everything I found on the issue so that I never lose it.

Setup

  • Running Internet Information Services (IIS) 8.5 on my laptop.
  • Set up a site with an ASP.Net MVC web application Windows Authentication.

Problem

  • Browsing the site locally continually prompts for my domain username and password.
  • Credentials are never accepted / I’m never authenticated.
  • Cancelling the login prompt ultimately responds with 401 Unauthorized.

When accessing the site with Fiddler, IIS simply responds with 401 Unauthorized.

Solution (with original sources)

An incredibly helpful StackOverflow titled Unable to get windows authentication to work through local IIS provided the solution.

Its source was a KnowledgeBase article from Microsoft: https://support.microsoft.com/en-us/kb/896861

  1. Set the
    DisableStrictNameChecking
    registry entry to 1. For more information about how to do this, refer to article 281308 in the Microsoft Knowledge Base
  2. Click Start, click Run, type regedit, and then click OK.
  3. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  4. Right-click MSV1_0, point to New, and then click Multi-String Value.
  5. Type BackConnectionHostNames, and then press ENTER.
  6. Right-click BackConnectionHostNames, and then click Modify.
  7. In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
  8. Quit Registry Editor, and then restart the IISAdmin service. (to do this, I ran iisreset from a Powershell prompt)

comments powered by Disqus