Tuesday 21 July 2009

You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6


This issue occurs if you install Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 Service Pack 1 (SP1). Windows XP SP2 and Windows Server 2003 SP1 include a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name.

http://support.microsoft.com/kb/896861

Workaround

Method 1: Specify host names

Note: We recommend that you use this method.

To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:


Click Start, click Run, type regedit, and then click OK.
In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
Right-click MSV1_0, point to New, and then click Multi-String Value.

Type BackConnectionHostNames, and then press ENTER.

Right-click BackConnectionHostNames, and then click Modify.

In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.

Quit Registry Editor, and then restart the IISAdmin service.

Method 2: Disable the loopback check

Follow these steps:



Click Start, click Run, type regedit, and then click OK.

In Registry Editor, locate and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Right-click Lsa, point to New, and then click DWORD Value.

Type DisableLoopbackCheck, and then press ENTER.

Right-click DisableLoopbackCheck, and then click Modify.

In the Value data box, type 1, and then click OK.

Quit Registry Editor, and then restart your computer.
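The Method 1 steps can also be scripted. The following PowerShell is an added example, not part of the KB article: it merges host names into BackConnectionHostNames without discarding entries already there, reports whether the Method 2 value DisableLoopbackCheck is set, and restarts the IISAdmin service. The host names and the Merge-HostNames helper are hypothetical placeholders.

```powershell
# Added example: scripted form of Method 1, plus a check for the Method 2 value.
# Run from an elevated PowerShell prompt on the IIS server.
# Constructed placeholder host names; replace them with the names of your local sites.
$HostNames = @('intranet.example.local', 'portal.example.local')

$LsaKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$Msv1Key   = Join-Path $LsaKey 'MSV1_0'
$ValueName = 'BackConnectionHostNames'

# Hypothetical helper: case-insensitive union that keeps existing entries first
# and drops blank or duplicate names.
function Merge-HostNames {
    param([string[]]$Existing, [string[]]$ToAdd)
    $result = @()
    foreach ($name in @($Existing) + @($ToAdd)) {
        if ($name -and $name.Trim() -and ($result -notcontains $name.Trim())) {
            $result += $name.Trim()
        }
    }
    $result
}

# Read the current multi-string value, if any (a missing value yields $null).
$current = (Get-ItemProperty -Path $Msv1Key -Name $ValueName `
            -ErrorAction SilentlyContinue).$ValueName
[string[]]$merged = Merge-HostNames -Existing $current -ToAdd $HostNames

# Create or overwrite the value as REG_MULTI_SZ with the merged list.
New-ItemProperty -Path $Msv1Key -Name $ValueName -PropertyType MultiString `
    -Value $merged -Force | Out-Null
Write-Output "$ValueName now contains: $($merged -join ', ')"

# Report whether Method 2 has been applied on this machine.
$dlc = (Get-ItemProperty -Path $LsaKey -Name 'DisableLoopbackCheck' `
        -ErrorAction SilentlyContinue).DisableLoopbackCheck
if ($dlc -eq 1) {
    Write-Warning 'DisableLoopbackCheck is 1: the loopback check is disabled (Method 2).'
} else {
    Write-Output 'DisableLoopbackCheck is not set to 1: the loopback check is still active.'
}

# Final step of Method 1. -Force is needed because other services depend on IISADMIN;
# confirm afterwards that the Web service is running.
Restart-Service -Name IISADMIN -Force
Get-Service -Name W3SVC -ErrorAction SilentlyContinue
```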
