Archive for October 30, 2013

Loopback Check and 401.1 Error

SharePoint Short #18

If you’re developing a web service for SharePoint, or trying to access one of the SharePoint web services, through server code and get a 401.1 Unauthorized exception, it’s worth checking if the status of the loopback check, especially if you’re using a host name for the site.

Since Windows 2003 (SP1) a loopback security check was added. The purpose of this check is to prevent access to the web application if there is an attempt to access it from the same server hosting the site, using a fully qualified domain name or host name.

If you’re getting this exception on a dev\test environment, the simplest solution is to disable the loopback check. Do this by opening the registry editor and navigate to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

From there, right click the LSA folder and add a new DWORD value called DisableLoopbackCheck. Set the value to 1 and then reboot the server. Do this for all Web Front Ends in the farm.

If, on the other hand, this is happening on a production environment, do not disable the loopback check as this will remove a security check that may compromise your environment. Instead, add the host names that should bypass this check by adding another key to the registry:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

Right click the MSV1_0 folder and add a new Multi-String value called BackConnectionHostNames. Set the value to the host name you want to exclude. If there are more than one, add them on separate lines and do not include the protocol, just the host name. Reboot the server and apply this to all Web Front Ends in the farm.

For the last configuration, you could define a group policy to apply this across multiple servers, but I’ll leave that for another day!

Hide Web Template

In PowerShell, if you want to remove a web template from the New Site dialog for a specific web, take a look at the following script:

function Remove-SPWebTemplate {
	[CmdletBinding()]
	param(
		[parameter(Position=1,Mandatory=$true)][Microsoft.SharePoint.SPWeb]$web
	)
	process {
		$templateList = New-Object "System.Collections.ObjectModel.Collection``1[[Microsoft.SharePoint.SPWebTemplate, Microsoft.SharePoint, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c]]"
 
		$availableWebTemplates = $web.GetAvailableWebTemplates(1033);
		$availableWebTemplates | Where{ $_.ID -ne 53 } | ForEach-Object {
		     $templateList.add($_)
		}
 
		if ($templateList.Count -gt 0) {
			Write-Host ("Removing Blank Internet web template with from web '", $_.Title, "' at ", $_.Url -join "") -NoNewline
			$web.SetAvailableWebTemplates($templateList, 1033);
			$web.Update()
			Write-Host " - Done." -ForegroundColor Green
		}
		else {
			Write-Host ("No web templates found for web ", $_.Url -join "") -ForegroundColor Red
		}
	}
}
 
Get-SPWebApplication | ForEach-Object {
	$_.Sites | Where { $_.ServerRelativeUrl -ne '/sites/example' } | ForEach-Object {
		$_.AllWebs | ForEach-Object {
			Remove-SPWebTemplate $_
		}
	}
}

Read more

Follow

Get every new post delivered to your Inbox

Join other followers: