Master Data Services Web App: Unauthorized

Question

I have a new install of Master Data Services (MDS) 2016 hosted on IIS 8.5 on Windows 2012.

When I browse to the application from IIS on the server with the default bindings the application works fine.

But if I edit the bindings and add a DNS hostname for the MDS web app when I browse to the application on the server I get a 401 error and I don't know how to resolve this.

When browsing to the application remotely from a client workstation using the DNS hostname the application works fine. It's only when browsing to the application on the server itself using the DNS hostname that the application returns a 401 error.

The MDS application is running in its own application pool that is running under a Active Directory service account.

We have another server running MDS 2016 with a similar config and this application works fine when browsed on the server and remotely, but I cannot understand why the two servers are behaving differently.

UPDATE 1 - Adding missing error information

Answer 1

You need to change the Loop Back Check in registry so that it allows the host names which you are giving in url are allowed and authorized, the solution is some registry hacking to avoid loopback check:

• Using regedit, navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
• Add a new Multi-String Value to MSV1_0 and name it BackConnectionHostNames
• Add the host names you wish to use. In my case, "test.mytestsite.com". Restart the IIS.