IIS 6 (or 7) Losing credentials after hitting DNS

Question

We have a web site using NTLM and allow domain users. Browsing the site from a client pc works fine, with domain credentials being passed in silently and the user authenticated. However, from a remote session on the server, browsing to http://[serverdomainname] ends up with a domain prompt and eventual 401 error.

Browsing the site on the server via IP is fine, so we think the domain credentials are getting lost in the hop to the DNS.

We need the behavior to work because we have apps that talk to each other via http requests on the same site, and they get 401 errors, even when we have passed in domain credentials.

We has a Microsoft field engineer out here for 2 days, and no matter what we tried, we could never get authenticated from with in an RDP session.

We tried attaching an SPN to the box and still no luck.

Huh? I'm really wondering how you arrived at that conclusion about a DNS lookup removing credentials. — John Gardeniers, Feb 18 '11 at 02:13
Just a SWAG John, and a dubious one. We could browse ok via IP on the box, but got rejected once we tried the old IIS/Browse method. — Kevin Raffay, Feb 23 '11 at 06:39

score 0 · Accepted Answer · edited Apr 13 '17 at 12:14

0

I bet this is from the loopback check. That causes the extra auth on the local server.

I answered that over here with the steps to disable it.

edited Apr 13 '17 at 12:14

Community

1

answered Feb 22 '11 at 19:27

Scott Forsyth

16,339
3
36
55

Thanks so much Scott, I'll try that in the AM. We had a MSFT engineer out here for two days and never thought of that. Good to see that others have had that same experience. – Kevin Raffay Feb 23 '11 at 06:37
Hey Kevin. Glad, glad that worked. It's a tricky one because the error doesn't mention anything obvious. – Scott Forsyth Mar 01 '11 at 22:25

IIS 6 (or 7) Losing credentials after hitting DNS

1 Answers1