401.1 when trying to access reports from client machines

A lot of times, we will see this issue manifest itself where reports run fine from the web server directly, but client machines get three authentication dialog boxes, then fail with a 401.1 error message.

The problem here is that Windows XP SP2 and Windows 2003 SP1 implemented a security check that compares the local computer name to the server name in the IIS request. This was done to prevent reflection attacks. If the fully-qualified domain name (FQDN) or host header in the request does not match the local computer name, you will be unable to properly access the IIS page.

You can either fully disable the loopback check (not an awful thing if you are in an intranet environment) or add the host names to the registry. Refer to KB 896861 for more information.

NOTE: For Reporting Services, you do NOT have to restart the server for this to take effect if you do the DisableLoopback approach.


Posted By : Evan Basalik