What it's like to work in IT

RobertKaucherRobertKaucher Posts: 4,298Member
This week I had set up our production servers for the migration to SharePoint 2010. I have done this so many times I could do it in my sleep.
We need to use Kerberos Constrained Delegation with ISA 2006. Now setting that up is quite easy but can be complex when something goes wrong. This time I just could not get the Kerberos auth to work. Nothing I did fixed it. I checked everything - except for a duplicate SPN.
setspn -x
found the problem. I had left the SPN registered after my previous test.

This is is how I feel:

http://basicinstructions.squarespace.com/storage/wallpapers/lb1600x1200.jpg

Comments

  • Bl8ckr0uterBl8ckr0uter Posts: 5,031Inactive Imported Users ■■■■■■■■□□
    Dude I kid you not I had almost the exact same problem this week on a server 2008 r2 box. IIS wasn't authenticating to AD correctly. Busted out Wireshark to see what packets weren't going. Read the rfc and did some googling. Found out about spns and such and published one with the sitename on the host. Problem solved.
  • RobertKaucherRobertKaucher Posts: 4,298Member
    I generally get down on myself a bit too much for wasting time on things I should already know to look for. But sometimes your brain just does not function in an efficient manner. Well, I have added setspn -x to my check list for setting up Kerberos auth. Lesson learned, I guess.
  • it_consultantit_consultant Posts: 1,903Member
    This is like when I worked on a firewall for hours trying to get the internet up, called and cursed out the ISP, had the firewall in debug mode...I had one number off in my default route.
Sign In or Register to comment.