IIS 6 & 7, Windows Authentication, and locally hosted websites using host headers
Like many developers at our company, I like to develop on a virtual machine. I ran into an interesting issue today with integrated authentication in IIS7. I have a Windows 2008 server VM that I use to develop Commerce Server 2007 projects on. On this machine, two websites are hosted: the first one being a Commerce Server 2007 website, the second being the webservices exposing Commerce Server functionality for the business applications and such.
Some of these webservices require that anonymous authentication is turned off. This is where I ran into problems: I kept getting a 401.1 and 401.2 authentication error. The machine resides in our domain, but I am using a local user account for the application pool that runs the website. The website was available using a host header (i.e. http://somename.local/. After a lot of research, and some help from colleagues (thanks Tim, Patrick), and trying almost every trick in the box l came across a Microsoft article that solved my issue. Basically, it came down to adding a registry entry:
| 1. | Open a registry editor. |
| 2. | In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 |
| 3. | Right-click MSV1_0, point to New, and then click Multi- String Value. Type BackConnectionHostNames, and then press ENTER. |
| 4. | Type BackConnectionHostNames, and then press ENTER. |
| 5. | Right-click BackConnectionHostNames, and then click Modify. |
| 6. | In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK. |
| 7. | Quit Registry Editor, and then restart the IISAdmin service. |
After that, my problem was solved. For the whole knowledge base article, please click here.
Posted on
07-04-2009
by Arnold Jan van der Burg
0 Comments
|
Trackback Url
|
Link to this post
Tags: