Windows Integrated authentication keeps on giving 401 status code

Some website require custom hosting configuration even when developing locally. For example if you need to enable ssl. If you use a separate host name for you locally hosted website, you may encounter Windows Authentication issues because Kerberos/NTLM ensures the symbolic name of the website does not resolve to the loopback address (127.x.x.x).

The behavior with IE is you get prompted for your username/password repeatedly.

To resolve the issue you may follow Method 1 in the following article : https://support.microsoft.com/en-us/kb/896861

Method 1: Specify host names (Preferred method if NTLM authentication is desired)
To specify the host names that are mapped to the loopback address and can connect to Web sites on your computer, follow these steps:1.Set the
DisableStrictNameChecking
registry entry to 1. For more information about how to do this, click the following article number to view the article in the Microsoft Knowledge Base:
281308 Connecting to SMB share on a Windows 2000-based computer or a Windows Server 2003-based computer may not work with an alias name

2.Click Start, click Run, type regedit, and then click OK.
3.In Registry Editor, locate and then click the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

4.Right-click MSV1_0, point to New, and then click Multi-String Value.
5.Type BackConnectionHostNames, and then press ENTER.
6.Right-click BackConnectionHostNames, and then click Modify.
7.In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK.
8.Quit Registry Editor, and then restart the IISAdmin service.

BackConnectionHostNames should list the names of the host names used for local deployment

Leave a Reply