SharePoint Tip of the day – Don’t forget to to disable the LoopbackCheck on your SharePoint VM / Server (even more if you use AAM !) (401.1 error)


I'm currently developping a solution that makes extensive use of web services to communicate back and forth between two site collections.
When I added Alternate Access Mapping to both site collections, I wasn't anymore able to call my web service locally (it still worked fine when called from another server). On the relevant server, trying to reach a site collection (and thus anything underneath) using the AAM name was always triggering the credentials prompt and failed regardless of the validity of the credential given…

Turned out the culprit was the LoopbackCheck (and if you need to disable it like me, add this key : [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa] "DisableLoopbackCheck"=dword:00000001

Edit : once the culprit was known, google turned out to be more friendly in helping me !
Looks like there is a more secure way to fix this, and thus avoiding to disable the loopback check :
http://blogs.windwardreports.com/wunder_fodder/2010/03/sharepoint-gotcha-when-using-alternate-access-mappings-aam.html and you should read the excellent harbar post over there : http://www.harbar.net/archive/2009/07/02/disableloopbackcheck-amp-sharepoint-what-every-admin-and-developer-should-know.aspx to understand why it's a bad practice to do so on a production server.

Advertisements