I installed Team Foundation Server 2010 with a standard install and default settings. I have no AD services, this is a home machine in a workgroup. I have forwarded ports and such.
When trying to use web access, I can connect just fine using either localhost:8080/tfs/web or machine-name:8080/tfs/web. Both ask me for a user name and password, I enter my local admin credentials and it connects and gives me the TFS web interface as expected.
Trying to use myAddress.external.org:8080/tfs/web asks me for the username and password just like the other options, but doesn’t accept any credentials and after several failed attempts gives 401: not authorized.
I’ve been looking around and I suspect it’s a configuration issue with IIS, but I can’t seem to get it working. Saw a similar problem here on stackoverflow, but his issue was not using an admin account. I’m trying to login with the only admin account on the machine, and the same one that TFS was installed under.
Someone suggested adding a binding to myAddress.external.org:8080 in the IIS console, but that didn’t seem to do anything.
Ok, found what the problem was. Turns out there is a security feature that kicks in when trying to use an external name that resolves to localhost. This is unrelated to TFS, and is the case for any website hosted in IIS. The issue and solution is detailed here:
http://support.microsoft.com/kb/896861
I ended up disabling loopbackcheck as suggested in the article: