March 19, 2008

[IIS] When browsing an IIS 6.0 web site using the FQDN, an HTTP 401.1 or 401.3 error occurs

When you browse an IIS web site by IP address, everything works, but when you use the FQDN or computer name, you keep getting HTTP 401.1 or 401.3.

You might encounter these errors if you have the following environment:

  • The web site runs in a specific Application Pool
  • The Application Pool runs under a domain user account or a local user account
  • The web site is configured to use Integrated Windows Authentication only

When this error occurs, a Kerberos error entry with Event ID 4 is logged in the System event log.

Resolution:

  1. If the application pool is running under a domain account
    1. Download the SetSpn utility from here
    2. Install the SetSpn utility
    3. Open a command prompt and execute the following commands

      setspn.exe -a http/IIS_computer's_NetBIOS_name DomainName\UserName
      setspn.exe -a http/IIS_computer's_FQDN DomainName\UserName

      DomainName\UserName is the user account your Application Pool is running under.

  2. If the application pool is running under a local account
    1. Open a command prompt
    2. Change to the directory where adsutil.vbs is located; by default this is C:\Inetpub\AdminScripts
    3. Execute the following command, which sets the authentication provider at the w3svc level to NTLM

      cscript adsutil.vbs set w3svc/NTAuthenticationProviders "NTLM"
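
To confirm the result of step 1, the following PowerShell check (an added example, not part of the original post) looks up which account owns each `http/` SPN. Kerberos fails for the site if an SPN is missing, is registered on more than one account, or sits on an account other than the one the Application Pool runs under. The host name, FQDN and account name are constructed placeholders, and the search covers only the current domain.

```powershell
# Added example, not from the original post. All names are constructed placeholders.
$NetBiosName = 'WEB01'                    # IIS computer's NetBIOS name (placeholder)
$Fqdn        = 'web01.corp.example.com'   # IIS computer's FQDN (placeholder)
$PoolAccount = 'svc-apppool'              # sAMAccountName of the app pool identity (placeholder)

function Get-SpnOwner {
    param([Parameter(Mandatory = $true)][string]$Spn)

    # Escape LDAP filter metacharacters (RFC 4515) before building the filter.
    $escaped = $Spn -replace '\\', '\5c' -replace '\*', '\2a' -replace '\(', '\28' -replace '\)', '\29'

    # [adsisearcher] searches the current domain of the logged-on user.
    $searcher = [adsisearcher]"(servicePrincipalName=$escaped)"
    [void]$searcher.PropertiesToLoad.Add('samaccountname')

    # Return the sAMAccountName of every object that carries this SPN.
    $searcher.FindAll() | ForEach-Object { [string]$_.Properties['samaccountname'][0] }
}

foreach ($spn in "http/$NetBiosName", "http/$Fqdn") {
    $owners = @(Get-SpnOwner -Spn $spn)

    if ($owners.Count -eq 0) {
        # Nothing registered: the setspn -a command for this name still has to be run.
        "{0}: MISSING - not registered on any account" -f $spn
    }
    elseif ($owners.Count -gt 1) {
        # The KDC cannot pick an account when the SPN is not unique.
        "{0}: DUPLICATE - registered on {1}" -f $spn, ($owners -join ', ')
    }
    elseif ($owners[0] -ne $PoolAccount) {
        # The ticket would be encrypted for an account the worker process does not run as.
        "{0}: WRONG ACCOUNT - registered on {1}, expected {2}" -f $spn, $owners[0], $PoolAccount
    }
    else {
        "{0}: OK - registered on {1}" -f $spn, $owners[0]
    }
}
```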
