Sharepoint Forum

Ask Question   UnAnswered
Home » Forum » Sharepoint       RSS Feeds

kerberos and SharePoint

  Asked By: Stephanie    Date: Jun 13    Category: Sharepoint    Views: 946

What specific situations have you all encountered that would either require or strongly suggest that you use Kerberos with your SharePoint implementation?



3 Answers Found

Answer #1    Answered By: Stefanie Ruiz     Answered On: Jun 13

Mostly, Kerberos has been an answer to customers concern about domain replication/authentication traffic in the DMZ for internal accounts. Other than that…

Answer #2    Answered By: Damon Garner     Answered On: Jun 13

Color me clueless, but I don't understand how domain replication part of your
reply. Is kerberos  used in place of a trust?

Answer #3    Answered By: Royce Orr     Answered On: Jun 13

AD makes it hard to target what domain controller that you will authenticate against – particularly if it’s not on the local subnet. So one option is to put a set of domain controllers in the DMZ and then target to them for authentication but that then means they have to get replication from the inside network. (This prevents the outside web servers making calls into the backend network but puts the account database in the DMZ.)

Basically, there’s a level of fear around allowing basic AD replication/authentication operations in a DMZ. Kerberos generally mitigates those concerns.

Didn't find what you were looking for? Find more on kerberos and SharePoint Or get search suggestion and latest updates.