With no specific reason I wasn't able to access the Shared Services Provider (SSP) Administration website from Sharepoint Central Administration.
I was able to login to the Central Administration Panel normally using my service account (domain admin account). But when I was trying to access the SSP after 3 attempts I was getting
You are not authorized to view this page
HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials. Internet Information Services (IIS)
Initially I was investigating the case that maybe I have the the same name for the IIS Application Pool assigned to the SSP Admin application and the Shared Services Provider. But it was clear that I have different IIS Application pool for Shared Services Provider and another for SSP Admin application.
So I had:
SharedShervices1 / ISS App Pool: SharedShervices1
SSP Admin - 80 / SSPAdminAppPool
The above case is discused in the link below:
http://faraz-khan.blogspot.com/search/label/MOSS%202007%20SSP%20access%20denied
Finnaly I found the cause of my problem. It was loopback check security feature of windows 2003 Server.
"Loopback check security feature is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name. "
http://support.microsoft.com/kb/896861
I disabled through registry the loopback check
Disable the loopback check
Follow these steps:- Click Start, click Run, type regedit, and then click OK.
- In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
- Right-click Lsa, point to New, and then click DWORD Value.
- Type DisableLoopbackCheck, and then press ENTER.
- Right-click DisableLoopbackCheck, and then click Modify.
- In the Value data box, type 1, and then click OK.
- Quit Registry Editor, and then restart your computer.
No comments:
Post a Comment