Monday, April 21, 2014

Configuring Alternate Access Mappings (AAM) in SharePoint


I recently needed to configure a SharePoint environment with a DNS entry (FQDN) instead of the server name under which it was currently installed and configured.

Well, as you can probably guess, the most obvious method of doing this was to go into “Alternate Access Mappings” and add the FQDN to the appropriate zones such as Intranet, Internet, Extranet and Default.

However, after configuring this, I noticed that I could not access SharePoint via those new DNS entries (at least on the local server)!

Instead, I was stuck in an infinite loop of authentication prompts that would never allow me access to the SharePoint site!

Fortunately, it seems this issue is (relatively) well documented and all articles point to this Microsoft Support Knowledgebase article:

This article is the infamous “DisableLoopbackCheck” article which is a MUST for SharePoint installations.

If you are using a tool such as AutoSPInstaller (, this is already incorporated as part of the scripted installation.

Of course, since this was a manually installed and configured SharePoint installation, I needed to do it myself.

Of course, since I love to automate things and make them reusable, I decided to script these operations for myself using Windows PowerShell:

Method 1 (Recommended method):

$hostNames = ""
New-ItemProperty HKLM:\System\CurrentControlSet\services\LanmanServer\Parameters -Name "DisableStrictNameChecking" -Value 1 -PropertyType "DWORD" -Force
New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa\MSV1_0 -Name "BackConnectionHostNames" -Value $hostNames -PropertyType "MultiString" -Force

Method 2:

New-ItemProperty HKLM:\System\CurrentControlSet\Control\Lsa -Name "DisableLoopbackCheck" -Value 1 -PropertyType "DWORD" -Force

I hope this helps anyone facing similar issues when configuring their SharePoint installations with AAM!

No comments:

Post a Comment