Hello everyone!
We have come across a handful of cases where we could access the Dynamics GP Web Client Web Management Console from any other machine on the network, but when accessing it in a browser directly on the Web Server we were prompted for credentials three times, and then received a 401.1 HTTP error. We had verified with certainty that the password was correct, so it took some time to figure out the cause.
When you use the fully qualified domain name (FQDN) or a custom host header to browse Web Management Console that is hosted on a computer that is running Microsoft Internet Information Services (IIS) 5.1 or a later version, authentication may fail. This issue occurs when the Web site uses Integrated Authentication, and has a name that is mapped to the local loopback address. A loopback address is a security feature that was added with Server 2003 that is meant to prevent malware from attacking a Web site from inside the network.
The workaround that we have found is detailed in this KB article, but the simplest way is to add a registry key to disable this loopback check. If you create a new TXT file, add this text, and then save it as a .reg file.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"DisableLoopbackCheck"=dword:00000001
If disabling this security function isn't acceptable for your security structure, follow the steps in this KB to attempt to resolve this issue alternatively.
http://support.microsoft.com/kb/896861
** Please do not make any registry changes to a machine in your environment unless you are completely comfortable with backing up and restoring the registry of the machine in the event of failure. Modifying your registry can have catastrophic consequences on a computer if done improperly. **
Resources:
You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or a later version:
http://support.microsoft.com/kb/896861