Thursday, September 30, 2010

BackConnectionHostNames

Looks like MS added a security feature in Windows 2003 SP1 which prevents you from accessing the localhost using another name in DNS from the local machine: in other words, a DNS alias that points back to the computer name or loopback. In my case, I needed to add an alias name to the configuration properties for TFS 2010 that referenced the local host name. After quite a bit of searching, I found this, which resolved the issue:

http://support.microsoft.com/kb/896861/

I would highly recommend not implementing Method 2. That would be a worst-case option, or perhaps something for a development server of some sort. There really is no reason to enable DisableLoopbackCheck; plus, BackConnectionHostNames is MUCH more secure.

Something else to note: in my case, the alias URL points to a server which has a static IP reservation in DHCP. So, when I entered the intended alias name, url1.domain.com, it actually resolved to sdcdhcp15-154.domain.com, and I had to add both domains to BackConnectionHostNames. This bit me at first because the registry entry was not working. After adding both entries, things started to work as designed.
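The following PowerShell is an added example, not code from the original post or from the KB article. It looks up the name DNS actually returns for each alias, reports which names are missing from BackConnectionHostNames, and warns if DisableLoopbackCheck is set. It assumes the registry locations documented in KB 896861; the parameter names are my own, and url1.domain.com is the sample alias from the post.

```powershell
# Added example: run elevated on the server that hosts the alias.
param(
    [string[]]$Alias = @('url1.domain.com'),  # sample alias from the post
    [switch]$Apply                            # without -Apply the script only reports
)

$lsa   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$msv10 = Join-Path $lsa 'MSV1_0'

# Each alias plus the host name DNS returns for it (the two can differ,
# as with the DHCP-generated name described above).
$wanted = foreach ($name in $Alias) {
    $name
    try   { [System.Net.Dns]::GetHostEntry($name).HostName }
    catch { Write-Warning "Could not resolve ${name}: $($_.Exception.Message)" }
}
$wanted = @($wanted | Where-Object { $_ } | Sort-Object -Unique)

# Names already allowed for loopback authentication (REG_MULTI_SZ, may be absent).
$existing = Get-ItemProperty -Path $msv10 -Name BackConnectionHostNames -ErrorAction SilentlyContinue
$current  = @($existing.BackConnectionHostNames | Where-Object { $_ })
$missing  = @($wanted | Where-Object { $current -notcontains $_ })

if ($Apply -and $missing.Count -gt 0) {
    # Append only the missing names so existing entries are preserved.
    $merged = [string[]]($current + $missing)
    New-ItemProperty -Path $msv10 -Name BackConnectionHostNames `
        -PropertyType MultiString -Value $merged -Force | Out-Null
    $current = $merged
}

# Method 2 check: a value of 1 turns the loopback check off for every name.
$dlc = (Get-ItemProperty -Path $lsa -Name DisableLoopbackCheck -ErrorAction SilentlyContinue).DisableLoopbackCheck
if ($dlc -eq 1) {
    Write-Warning 'DisableLoopbackCheck is 1; remove it and rely on BackConnectionHostNames.'
}

# Summary of what was found and what is still missing.
New-Object PSObject -Property @{
    Wanted               = $wanted -join ', '
    Configured           = $current -join ', '
    StillMissing         = if ($Apply) { '' } else { $missing -join ', ' }
    DisableLoopbackCheck = $dlc
}
```

Run it once without `-Apply` to see which names are missing, then again with `-Apply`; the KB article covers the restart needed for the change to take effect.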
