Kerberos causing continuous prompting
Problem: Customer migrated to new hardware/software, from a SharePoint 2010 NTLM authentication farm to a SharePoint 2010 Kerberos authentication farm. Upon testing the sites, they were continuously prompted for authentication. No account, not even the farm account, could get in. There was no prompt for the test URL only for a couple of Production URLs that were tied to a couple of web apps.
Resolution: It was the bottom of the ninth inning, after lots of troubleshooting with various team members, it was decided to TURN OFF the problem. So this is not really a resolution but it allowed the customer to go live. I’ll follow-up with an update to this post once we determine what the root cause was. The steps below suppressed the authentication prompts for the time being.
- Build a new non-Kerberos web application with a blank Content Database
- Detach that Content Database
- Detach Content databases from old Web App and reattach to this new Web App
Fight Comparison:
This was Leonard vs Duran II…No Mas!! No Mas!!
Comments
Anonymous
January 01, 2003
Customer has still not turned on Kerberos, they are still with NTLM. But they will have to address this at some point because SharePoint 2013 is all claims based. My hunch it was a misconfigured SPN.Anonymous
May 13, 2013
Hi, did you find the cause of the problem? I'm having the same issue. Thanks, Boo