Solved

SharePoint with Kerberos authentication

Posted on 2007-04-11
2
709 Views
Last Modified: 2012-05-05
I am running a MOSS 2007 small farm with two load-balanced WFE servers and one SQL 2005 server. I have set up kerberos authentication
1) selected the kerberos options during install and web application creation
2) registered the SPN for my WFE computers and accounts running my application pools
3) set my WFE computers and application pool accounts as trusted for delegation in AD
4) set up the certificate on my WFEs
5) modified the IIS metabase line <IISWebServer> ...<ntauthentication="ntlm">  to <IISWebServer> ...<ntauthentication="negotiate,ntlm">

However when I go to the security tab in the Event Viewer on my web front end, it still says "NTLM" as the authentication method for many SharePoint events. Could this be correct?

Secondly, each time I open up a browser and navigate to the SharePoint site for the first time, it prompts for a user name and password. Is this the correct behavior for kerberos? Is it not extremely inconvenient for users to be prompted for this each time they open a browser window and navigate to SharePoint? I would like to get rid of ths if possible.
0
Comment
Question by:NGPSoft1
2 Comments
 
LVL 42

Accepted Solution

by:
zephyr_hex earned 500 total points
Comment Utility
as for your second question...
make sure the site is configured in IE as local intranet.
also, under the local intranet options, make sure User Authentication is set to "automatic logon with current username and password"

0
 
LVL 4

Author Comment

by:NGPSoft1
Comment Utility
Thank you, that worked.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Suggested Solutions

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Know what services you can and cannot, should and should not combine on your server.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include tâ€Ĥ
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now