SharePoint 2013 Keeps Prompting For Credentials (DisableLoopbackCheck - BackConnectionHostNames - Logon Failure 401.1

SharePoint 2013 Keeps Prompting For Credentials (DisableLoopbackCheck - BackConnectionHostNames - Logon Failure 401.1 - Access Denied )

Problem:

When you access a SharePoint site collection, it keeps on prompting for authentication and eventually give you an Access Denied error.

Reason:

This is a feature that prevents access to a web application using a fully qualified domain name (FQDN) if an attempt to access it takes place from a machine that hosts that application. The end result is a 401.1 Access Denied from the web server and a logon failure in the event log.

Solution:

There are 2 ways to solve this, (1) the correct way and (2) the fast and easy way.

1 - The correct way (test/production servers):
Specify the host names that needs to do loop back check in the registry – BackConnectionHostNames. This is the correct way and is more secure. http://support.microsoft.com/kb/896861
- Open regedit.exe
- Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
- Create a new multi-string value and name it "BackConnectionHostNames"
- Type the host name of site that are referencing on the local server
(multiple host names must be separated by a newline)
- Click OK and close regedit
- You should no longer get the 401.1 Access Denied message (you may also need to restart the IISAdmin service)

1 - The easy way (development servers):
Disable the loopback check (DisableLoopbackCheck) altogether. This puts your server in a security risk. http://support.microsoft.com/kb/896861
- Open regedit.exe
- Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- Create a new d-word (32-bit) and name it "DisableLoopbackCheck"
- Edit the d-word and give it a value of 1
- Click OK and close regedit
- You should no longer get the 401.1 Access Denied message (you may also need to restart the IISAdmin service)

Additional info:

The event view might also give the following error.
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 537
Date: Date
Time: Time
User: NT AUTHORITY\SYSTEM
Computer: Computer_Name
Description: Logon Failure:
Reason: An error occurred during logon
User Name: User_Name
Domain: Domain_Name
Logon Type: 3
Logon Process: Ðùº
Authentication Package: NTLM
Workstation Name: Computer_Name
Status code: 0xC000006D
Substatus code: 0x0
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
Caller Process ID: -
Transited Services: -
Source Network Address: IP_Address
Source Port: Port_Number

Sharepoint/Project Server App with javascript and Web Part

Getting Project Server code to run in a AppPart Today I tried to get project server CSOM/javascript code to run within an app part. This caused a lot of troubleshooting and guessing to get it to work. By simply adding the ps.js library to the app part page I kept getting an error. Library: <script type="text/javascript" src="/_layouts/15/ps.js"></script> Error: "executeordelayuntilscriptloaded is undefined" Then I tried to use ScriptLink to load the library but got the same error. <SharePoint:ScriptLink runat="server" Name="ps.js" Localizable="false" OnDemand="False" LoadAfterUI="True"></SharePoint:ScriptLink> The code I was trying to run was very simpel and worked fine if I added it to a normal aspx page. $(document).ready(function () { var projContext = PS.ProjectContext.get_current(); var projects = projContext.get_projects(); projContext.load(projects...

PPM Tricks

Search This Blog