IIS and Kerberos. Part 2 - Service Principal Names

IIS and Kerberos. Part 3 - A simple scenario

Ken Schaefer — Tue, 16 Jan 2007 20:48:57 GMT

In Part 3 of this series we look at setting up Kerberos Authentication in the simplest possible scenario.

IIS and Kerberos. Part 4 - A simple delegation scenario

Ken Schaefer — Sun, 28 Jan 2007 06:04:24 GMT

Delegation is a feature of Kerberos authentication that allows a server to obtain a Kerberos ticket on

IIS and Kerberos Part 5 - Procotol Transition, Constrained Delegation, S4U2S and S4U2P

Ken Schaefer — Thu, 19 Jul 2007 12:43:09 GMT

Protocol Transition is a new feature in Windows Server 2003. The Kerberos implementation in Windows Active

re: IIS and Kerberos. Part 2 - Service Principal Names

brian — Wed, 16 Jan 2008 23:48:51 GMT

I have setup windows authentication for a ASP.Net site. I setup the IP address of the application and an external url as Trusted sites. When I browse to the site (from a domain PC) with the IP, my credentials are passed automatically and I am logged in. When I try the same thing, with the url IE prompts me to enter my windows credentials. Why is this? Can I solve this by registering a SPN?

re: IIS and Kerberos. Part 2 - Service Principal Names

Ken — Fri, 18 Jan 2008 09:29:28 GMT

Hi Brian,

There are two possible issues here. Firstly verify that the URL is part of the Intranet security zone (see Part 3 in this series). That will cause IE to send credentials automatically.

After that, you need to verify what authentication mechanism IE is attempting to use. If it's Kerberos, and you are getting a prompt, then Kerberos is failing.

I'd read part 3 first before we move futher.

Kerberos przyjacielem mym

.neting in the free world — Fri, 11 Jul 2008 12:49:44 GMT

Coraz częściej w pracy stykam się z koniecznością ustawienia autentykacji poprzez protokół Kerberos ,

Kerberos przyjacielem twym

.neting in the free world — Fri, 11 Jul 2008 13:21:29 GMT

Coraz częściej w pracy stykam się z koniecznością ustawienia autentykacji poprzez protokół Kerberos ,

You are not authorized to view this page | keyongtech

You are not authorized to view this page | keyongtech — Thu, 22 Jan 2009 02:20:08 GMT

PingBack from http://www.keyongtech.com/1219048-you-are-not-authorized-to

IIS and Kerberos Part 9 - Cross Forest Delegation scenario with UPN suffix routing

Ken Schaefer — Thu, 26 Feb 2009 12:24:34 GMT

As an extension of the previous article on Cross Forest (or Cross Domain) Kerberos Authentication this

Vidar's Musings ?? The mother lode for IIS, Kerberos and IWA information

Vidar's Musings ?? The mother lode for IIS, Kerberos and IWA information — Fri, 06 Mar 2009 09:54:43 GMT

PingBack from http://www.kongsli.net/nblog/2009/03/06/the-mother-lode-for-iis-kerberos-and-iwa-information/

Constrained Kerberos Delegation & BlueCoat ProxySG « Dvas0004's Blog

Constrained Kerberos Delegation & BlueCoat ProxySG « Dvas0004's Blog — Thu, 22 Jul 2010 07:37:42 GMT

PingBack from http://dvas0004.wordpress.com/2010/07/22/constrained-kerberos-delegation-bluecoat-proxysg-2/

Kerberos,NTLM and Integrated Windows Authentication in IIS « Prasenjit's Blog

Kerberos,NTLM and Integrated Windows Authentication in IIS « Prasenjit's Blog — Mon, 09 Aug 2010 03:57:42 GMT

PingBack from http://pkpaul5.wordpress.com/2010/08/09/kerberosntlm-and-integrated-windows-authentication-in-iis/