Re: Has Microsoft recently introduced "Loopback check" functionality in Windows 2000?
- From: PabloV99 <PabloV99.3ktyjb@xxxxxxxxxxxxx>
- Date: Mon, 22 Dec 2008 22:12:49 +0530
The patch *KB957097* is the one that adds it.
Also some of the following ones (still I did not have time to
investigate which one):
We have faced same on our windows servers. Server can't access itself
using alias, but can with hostname or IP.
Recently installed patches are these:
- Security Update for Windows 2000 (KB957095)
- Security Update for Windows 2000 (KB958644)
- Security Update for Windows 2000 (KB957097)
- Security Update for Microsoft .NET Framework 1.1 Service Pack 1
- Cumulative Security Update for Internet Explorer 6 Service Pack 1
- Security Update for Internet Explorer 6 for Windows 2000 (KB938464)
- Cumulative Security Update for ActiveX Killbits for Windows 2000
- Security Update for Windows 2000 (KB954211)
And DisableLoopBackCheck is in registry now with value of 0
I'm sure one of these adds this in the registry, but I couldn't make
sure which. Actually I checked kb pages of all these on Microsoft's
homepage but couldnt find anything yet. If someone can help us, that
will be really appreciated.
On 24 Kasým, 18:38, "Trust No One®" <dana.scu...@xxxxxxxx> wrote:
I think the answer to my question is "Yes", but hopefully someone
confirm and/or point me to the particular security patch thatintroduced it.
Recently - on the 14th of November when we rolled out a number of
patches, a number of our Windows 2000 servers had problems wherelocal
applications running on these servers were no longer able to map to
shares using an alias (DNS CNAME) for the server. Attempting the mapthe
share resulted in a request for login credentials.Windows
Up to this point this kind of drive mapping worked flawlessly in
2000, provided the DisableStrictNameChecking key was set as detailedin:
During my investigation I found that the registry value
DisableLoopBackCheck=0 now appears in the registry of our Windows
servers. This is related to the LoopBack check functionality whichwas first
introduced in Windows 2003 SP1.(seehttp://support.microsoft.com/kb/896861)
If I set "DisableLoopBackCheck=1" or alternately specify the desired
in a "BackConnectionHostNames" entry, then everything works, as perthe KB
article for Windows 2003 SP1.check
So it looks like a recent security patch has introduced the loopback
functionality previously only applicable to Windows 2003 SP1onwards.
Can anyone else confirm this behaviour?
Peter <X-Files fan>
PabloV99's Profile: http://forums.techarena.in/members/pablov99.htm
View this thread: http://forums.techarena.in/windows-2000-security/1076916.htm
- Prev by Date: Re: automatic updates disabled "error 1058"
- Next by Date: Write access for author but no access to other files
- Previous by thread: my date changes back to 2002 when i try to windows update!
- Next by thread: Write access for author but no access to other files