The Problem:
- You create a web site on IIS 6 and give the website a host header value, say, somewebapp
- You create a dns entry of type A pointing to the IP address of the machine hosting the IIS server that's hosting your application
- You try to visit the web app on the hosting server using the host header value somewebapp and you're prompted to enter a username and password and after entering a valid username & password, you're greeted with HTTP 401.1 Access is Denied error message. Note that if you visit the same app using the same alias from other machines, there is no problem.
This issue did not bother me until I found out the search function on the SharePoint 3.0 server is not working. It turned out that these two issues are related. The search service on SharePoint does not work because the indexing services cannot crawl the site(s) if both the site and the indexing service are hosted on the same server. Basically, the indexing service receives the same 401.1 error you receive when visiting your apps. You may also notice that numerous warning events are logged on your windows server that's hosting the SharePoint service. These events are under 'Gatherer' category and some look like
The start address <sts3://...> cannot be crawled
Context: Application 'Search index file on the search server', Catalog 'Search'
Details:
Access is denied.The Solution:
To fix this Microsoft recommends disabling loopback check as detailed here http://support.microsoft.com/kb/896861
The interesting thing is that if you go back to your DNS record and delete the Host A type record you created for your app and replace it with a CNAME record pointing to the name of the server and not the IP address, the problem disappears after some time after the DNS changes take effect. I tested this with some IIS apps but I did not test in isolation in the case of the SharePoint service to say for sure that changing from Host A to CNAME fixes the problem.
No comments:
Post a Comment