Question

MateuszBill on Wed, 21 Feb 2018 14:49:20


Hello Everyone,

I have an issue with configuration on one farm. I have two frontends (server1 and server2) and two web applications (MySite and and "project" web application).

Recently I received information from my colleagues from monitoring team that there is something wrong with one frontend server as their monitoring software shows that "project" web app is not responding on server2 (they are checking it by sending http request), while in fact everything works fine. They receive following status code:

HTTP Critical - Invalid http response from host on port 443: HTTP/1.1 401 Unauthorized

As you can see we use SSL on both project and MySite web apps.

We already observed that bindings on both servers differ as on server1 we use dedicated IP addresses for both project and MySite web apps, while on server2 project web app uses IP of physical frontend server and MySite uses all unassigned IPs. Moreover no SSL certificate is used by MySite web app on server2.

Do you think that it may be the cause of invalid http response and binding MySite to specific IP address and certificate can resolve this issue? If it's not the case, what do you recommend to check?

PS. I inherited this configuration and it was set up long before I heard what SharePoint is :)


Sponsored



Replies

Allen Bai on Thu, 22 Feb 2018 10:00:44


Hi,

401 error is related to access issue. Make sure the account has access to the project server. 

Please check below things for narrowing your issue:
1. Check if this issue is related to network.

2. Try to binding MySite to specific IP address and certificate, then check if issue solved.

3. Add below code in your web config httpProtocol section:

add name="Access-Control-Allow-Origin" value="*" /> add name="Access-Control-Allow-Methods" value="GET,PUT,POST,DELETE,OPTIONS"/> add name="Access-Control-Allow-Headers" value="Content-Type" />
In addition, check ULS log, try to find more error message about this issue to help identify the cause. 

The default location of the ULS log in SharePoint 2010 is:
C:\Program Files\Common Files\microsoft shared\Web Server Extensions\14\LOGS 


Best regards,

Allen Bai


Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.


Ahmed Madany on Fri, 23 Feb 2018 20:15:59


Hi,

Did you try to disable loop-back check? if no , please apply the following steps on the farm servers

Disable the authentication loopback check
Re-enable the behavior that exists in Windows Server by setting the DisableLoopbackCheck registry entry in the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey to 1. To set the DisableLoopbackCheck registry entry to 1, follow these steps on the client computer: 
Click Start, click Run, type regedit, and then click OK.
Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Right-click Lsa, point to
New, and then click DWORD Value.
Type DisableLoopbackCheck, and then press ENTER.
Right-click DisableLoopbackCheck, and then click Modify.
In the Value data box, type
1, and then click OK.
Exit Registry Editor.
Restart the computer.

https://support.microsoft.com/en-us/help/926642/error-message-when-you-try-to-access-a-server-locally-by-using-its-fqd

i hope this will help you 

sadomovalex on Mon, 26 Feb 2018 14:56:14



when you use several front end servers - configuration in IIS should be the same for Sharepoint sites, including bindings, certificates, app pools, etc. I recommend to start with making IIS configurations equal.

MateuszBill on Tue, 27 Feb 2018 13:16:04


Thanks everyone for your recommendations! I will start with IIS bindings and let you know if issue has been resolved.

Allen Bai on Thu, 01 Mar 2018 08:16:55


Hi,

How are things going? I'm willing to hear from you.

Best regards,

Allen Bai 

Allen Bai on Mon, 05 Mar 2018 12:01:51


Hi,

Is there any update on your issue?

Best regards,

Allen Bai 

MateuszBill on Mon, 12 Mar 2018 11:34:13


It came out that monitoring tool required Basic authentication to be enabled for this web application. It was done on the first server, but not on the other.