HTTP 401.1 Access Denied in SharePoint 2013/2016

access denied in sharepoint 2013 http 401
SharePoint deveopment training course

This SharePoint tutorial we will discuss how to solve HTTP 401.1 Access Denied in SharePoint 2013/2016.

After we install the SP1 for SharePoint 2013 users were getting the error as “HTTP 401.1 Access Denied” for few site collections created which are created with:

  • Fully Qualified Domain Name (FQDN)
  • Sites with alternate access mappings
  • Sites created in Host header web applications
  • Host header site collections

The issue is when a user to access the site SharePoint is prompting for user credentials with no limit. When I started investigating this the end result is a 401.1 Access Denied from the web server and a logon failure in the event log.

HTTP 401.1 Access Denied in SharePoint 2013/2016

The tricky and baffling part is 401.1 is a common error code for incorrect credentials/access issues but it can’t happen in our case as the user has been accessing the site with business admin credentials.

HTTP error-codes:

You can check various HTTP error codes, https://en.wikipedia.org/wiki/List_of_HTTP_status_codes

After long time research, we realized this is because of the new feature “loopbackcheck” got added as part of SP1 installation.

Below are the 2 methods to fix this issue:

  • Specify Host names (Preferred method, if authentication is NTLM)
  • Disable the loopback check (less-recommended method)

Note: Both these approaches involves registry changes so we must have administrator permissions to perform this.

Let us explore both procedures:

Specify host names:

In this approach, we are adding the Fully Qualified Domain Name of the application as Multi-string value key in the registry.

  • Start -> Run – > type regedit, and then click OK.
  • In Registry Editor navigate to the following registry key/folder: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  • Right-click MSV1_0, point to New, and then click Multi-String Value.
  • Type BackConnectionHostNames, and then press ENTER.
  • Right-click BackConnectionHostNames, and then click Modify.
  • In the Value data box, type the host name or the host names for the sites that are on the local computer, and then click OK. Ex: intranet.mstechnology.com
  • Quit Registry Editor, and then restart the IISAdmin service.
HTTP 401.1 Access Denied in SharePoint
HTTP 401.1 Access Denied in SharePoint 2013

Disable the loopback check:

The second approach is to disable the loopback check by adding a new key DisableLoopbackCheck of type DWORD Value

  • Start -> Run – > type Regedit, and then click OK.
  • In Registry Editor navigate to the following registry key/folder: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
  • Right-click Lsa, point to New and then click DWORD Value.
  • Type DisableLoopbackCheck, and then press ENTER.
  • Right-click DisableLoopbackCheck, and then click Modify.
  • In the Value data box, type 1, and then click OK.
  • Quit Registry Editor, and then restart your computer.
HTTP 401.1 Access Denied in SharePoint 2016
http error 401.1 - unauthorized access is denied sharepoint

Disable loopback using PowerShell

Below is the PowerShell command for disabling loopback:

New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name "DisableLoopbackCheck" -value "1" -PropertyType dword

You may like following SharePoint tutorials:

This SharePoint tutorial, we learned how to solve error HTTP 401.1 Access Denied in SharePoint 2013 or SharePoint 2016.

Check out Best Alternative to InfoPath -> Try Now

free sharepoint training

SharePoint Online FREE Training

JOIN a FREE SharePoint Video Course (3 Part Video Series)

envelope
envelope

About Krishna Vandanapu

I am Krishna.Vandanapu a SharePoint architect working in IT from last 13+ years, I worked in SharePoint 2007, 2010, 2013, 2016 and Office 365. I have extensive hands on experience in customizing SharePoint sites from end to end. Expertise in SharePoint migration tools like Sharegate, Doc Ave and Metalogix. Migrated SharePoint sites from SharePoint 2007 to 2010 and 2010 to 2013 several times seamlessly. Implementing CSOM with Microsoft best practices. Spent quality time in configuring SharePoint application services like User Profile, Search, Managed Meta data services etc. Now exploring SharePoint Framework and SharePoint 2019

View all posts by Krishna Vandanapu →