Solved

SharePoint with Kerberos authentication

Posted on 2007-04-11
2
715 Views
Last Modified: 2012-05-05
I am running a MOSS 2007 small farm with two load-balanced WFE servers and one SQL 2005 server. I have set up kerberos authentication
1) selected the kerberos options during install and web application creation
2) registered the SPN for my WFE computers and accounts running my application pools
3) set my WFE computers and application pool accounts as trusted for delegation in AD
4) set up the certificate on my WFEs
5) modified the IIS metabase line <IISWebServer> ...<ntauthentication="ntlm">  to <IISWebServer> ...<ntauthentication="negotiate,ntlm">

However when I go to the security tab in the Event Viewer on my web front end, it still says "NTLM" as the authentication method for many SharePoint events. Could this be correct?

Secondly, each time I open up a browser and navigate to the SharePoint site for the first time, it prompts for a user name and password. Is this the correct behavior for kerberos? Is it not extremely inconvenient for users to be prompted for this each time they open a browser window and navigate to SharePoint? I would like to get rid of ths if possible.
0
Comment
Question by:NGPSoft1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 43

Accepted Solution

by:
zephyr_hex (Megan) earned 500 total points
ID: 18891388
as for your second question...
make sure the site is configured in IE as local intranet.
also, under the local intranet options, make sure User Authentication is set to "automatic logon with current username and password"

0
 
LVL 4

Author Comment

by:NGPSoft1
ID: 18891668
Thank you, that worked.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
In case you ever have to remove a faulty web part from a page , add the following to the end of the page url ?contents=1
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question