www.geekybob.com

Just a short, simple blog for Bob to share his thoughts.

Disabling Local Loopback Checks on Web Servers that Run IIS

17 December 2010 • by Bob • IIS, Windows

I've run into this situation more times that I can count: I set up a new web server and no matter what I do, I cannot log into websites on the server that require authentication while I am browsing to them from the console. I used to pull my hair out over this problem until I discovered the problem is in the Windows Local Security Authority (LSA) and it can be easily remedied.

  1. Open your registry editor by going to Start –> Run and enter regedit and click OK.
  2. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa in the registry editor.
  3. Right-click Lsa, click on New and select DWORD value.
  4. Enter DisableLoopbackCheck and press Enter.
  5. Right-click DisableloopbackCheck and select Modify.
  6. In the Value data box, enter 1 and click OK.
  7. Reboot your server.

Several years later someone wrote the following KB article that includes this fix with a description of the problem, as well as an alternate workaround:

http://support.microsoft.com/kb/896861

HTH

Tags: IIS, Windows

Disclaimer

All content within this blog represents my personal views and opinions only. This content is not intended to represent the views, positions, or strategies of my employer or any other organization with which I may be associated. All content and code samples are provided "as is" without warranty of any kind.