Over the years I have written a few blog posts about or related to Kerberos or NTLM authentication. These blog posts are summarized here for your convenience:
- (2006-12-28) NTLM And Kerberos Authentication Explained The Easy Way
- (2010-10-12) User Principal Names In AD (Part 1)
- (2010-10-12) User Principal Names In AD (Part 2)
- (2010-10-12) User Principal Names In AD (Part 3)
- (2011-02-13) Accessing A Resource With The Kerberos Authentication Protocol
- (2011-02-13 ) Accessing A Resource With The NTLM Authentication Protocol
- (2011-02-13) When Will The Password Expire For An AD User Account And What Happens Then?
-
However, in addition to what I have written, the guys at AskDS have written a bunch of excellent Kerberos related blog posts. These blog posts are summarized here for your convenience:
- Kerberos for the Busy Admin
- Troubleshooting Kerberos Authentication problems – Name resolution issues
- Kerberos Authentication problems – Service Principal Name (SPN) issues – Part 1
- Kerberos Authentication problems – Service Principal Name (SPN) issues – Part 2
- Kerberos Authentication problems – Service Principal Name (SPN) issues – Part 3
- Understanding Kerberos Double Hop
- Fun with the Kerberos Delegation Web Site
-
A guy from WebTopics also has written a very good blog post about Kerberos in IIS. This blog post is also here for your convenience:
-
Read all these blog posts, and you are up to speed in no time when the need arises to troubleshoot authentication problems. Have fun!
-
Cheers,
Jorge
———————————————————————————————
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
* DISCLAIMER: http://jorgequestforknowledge.wordpress.com/disclaimer/
———————————————————————————————
############### Jorge’s Quest For Knowledge #############
######### http://JorgeQuestForKnowledge.wordpress.com/ ########
———————————————————————————————
