Microsoft Internet Information Services (IIS) has a security measure that prevents loopback. When you use the fully qualified domain name (FQDN) or a custom host header to browse a local Web site that is hosted on a computer that is running IIS, you may receive an error message similar to the following: "HTTP 401.1 - Unauthorized: Logon Failed."
This occurs when the Web site uses Integrated Authentication and
has a name that is mapped to the local loopback address. If you are
using a load balancer for your pool and attempt to validate Web
Components Server functionality and you do not add the load
balancer FQDN as an allowed FQDN for loopback, you receive the
error message and validation fails. For details, see Microsoft
Knowledge Base article 896861, "You receive error 401.1 when you
browse a Web site that uses Integrated Authentication and is hosted
on IIS 5.1 or IIS 6," at
To allow FQDN of the virtual IP (VIP) of your load balancer that is mapped to the loopback address and can connect to Web sites on your computer, follow the steps outlined in the following procedure.
 Caution: |
|---|
| Serious problems might occur if you modify the registry incorrectly by using Registry Editor or other methods. These problems might require that you reinstall your operating system. We cannot guarantee that these problems can be solved. Modify the registry at your own risk. |
To add the FQDN of the VIP of the
load balancer to loopback
-
Click Start, click Run, type regedit, and then click OK.
-
In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
-
Right-click MSV1_0, point to New, and then click Multi-String Value.
-
Type BackConnectionHostNames, and then press ENTER.
-
Right-click BackConnectionHostNames, and then click Modify.
-
In the Valuedata box, type the FQDN of your load balancer VIP, and then click OK.
-
Close Registry Editor, and then restart the IISAdmin service.
You can remove this FQDN after the validation wizard is complete.