A couple of weeks ago, we received a request for help from one of our clients. Our client could no longer access the SSP (Shared Service Provider) Administration Site on their MOSS 2007 installation. Attempts to access the SSP resulted in 401.1 errors in the web browser.
This issue was vaguely familar but I could not recall the fix for the problem. After some troubleshooting it became clear that the problem was access to the SSP Admin site on the server itself and that the SSP host web application was configured with a custom host header. The SSP Admin site could be accessed remotely from another computer using the exact same URL used on the server.
It was that small piece of information that led me back to the fix that we had used ourselves a while back. The issue details and possible fixes are documented here: http://support.microsoft.com/kb/896861
The issue is caused by a loopback security feature that is part of Windows Server 2003 SP1.
Update: 05/05/2009 12:21 PM
A recent tweet reminded me that this issue also manifests itself in a broke search. If MOSS search is using the custom host header to access content and the content is inaccessible on the server via the custom host header search will break.