Tuesday, December 4, 2012

Event ID 4625 and 6037 in SharePoint 2010 front-end servers

When I try to log in the web application in a SharePoint 2010 front-end server, I cannot log in and I get the following warning in Security and System Event log.




Cause
The "loopback security check" feature is enabled in the IIS server. It prevents to access to a web application using a fully qualified domain name (FQDN).

Resolution
There are 2 methods to solve this issue.

1. Specify host names (Preferred method if NTLM authentication is desired)

1. On the front-end server, log in as a local or domain administrator.
2. Launch "Registry Editor".
3. Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0".
4. Right-click "MSV1_0", create a new "Multi-String Value" named "BackConnectionHostNames".
5. Double-click "BackConnectionHostNames".
6. Type host names which are hosted in the local computer.


7. Click "OK".


8. Restart the server.

2. Disable the loopback check

1. On the front-end server, log in as a local or domain administrator.
2. Launch "Registry Editor".
3. Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA".
4. Right-click "LSA", create a new "DWORD Value" named "DisableLoopbackCheck".
5. Double-click "DisableLoopbackCheck".
6. Under "Value data", type "1".


7. Click "OK".


8. Restart the server.

Reference:
You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or a later version

DisableLoopbackCheck. Lets do it the right way

This posting is provided “AS IS” with no warranties, and confers no rights!

1 comment: