Server 2003 R2, adding IIS, and you can't log in!

You've just done a clean install of Server 2003 R2, added IIS and you can't logon to administer the site. (The site you've installed, and paid for. And Bill won't let you. Bill!)

Isn't that so frustrating. There's more to life than configuring servers! Things like writing you own applications and running them!

Here's the problem..

This issue occurs if you install Microsoft Windows XP Service Pack 2 (SP2) or Microsoft Windows Server 2003 Service Pack 1 (SP1). Windows XP SP2 and Windows Server 2003 SP1 include a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, authentication fails if the FQDN or the custom host header that you use does not match the local computer name.

Here's the answer...

Currently there's a link http://support.microsoft.com/default.aspx?scid=kb;en-us;896861

I'll copy past the guts of it here - before Bill changes the link.

You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6

SYMPTOMS

When you use the fully qualified domain name (FQDN) or a custom host header to browse a local Web site that is hosted on a computer that is running Microsoft Internet Information Services (IIS) 5.1 or IIS 6, you may receive an error message that is similar to the following:

HTTP 401.1 - Unauthorized: Logon Failed

Disable the loopback check

Follow these steps:

1.	Click Start, click Run, type regedit, and then click OK.
2.	In Registry Editor, locate and then click the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
3.	Right-click Lsa, point to New, and then click DWORD Value.
4.	Type DisableLoopbackCheck, and then press ENTER.
5.	Right-click DisableLoopbackCheck, and then click Modify.
6.	In the Value data box, type 1, and then click OK.
7.	Quit Registry Editor, and then restart your computer.

There is another method that's more secure described in the article.