Disabling Local Loopback Checks on Web Servers that Run IIS

I've run into this situation more times that I can count: I set up a new web server and no matter what I do, I cannot log into websites on the server that require authentication while I am browsing to them from the console. I used to pull my hair out over this problem until I discovered the problem is in the Windows Local Security Authority (LSA) and it can be easily remedied.

  1. Open your registry editor by going to Start –> Run and enter regedit and click OK.
  2. Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa in the registry editor.
  3. Right-click Lsa, click on New and select DWORD value.
  4. Enter DisableLoopbackCheck and press Enter.
  5. Right-click DisableloopbackCheck and select Modify.
  6. In the Value data box, enter 1 and click OK.
  7. Reboot your server.

Several years later someone wrote the following KB article that includes this fix with a description of the problem, as well as an alternate workaround:



Comments are closed