Spencer Harbar Kerberos Part Two: “Advanced” Scenarios and Additional Considerations
About the speaker... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server SharePoint Patterns & Practices Advisory Board Member 15 years in Enterprise IT ISPA Board Member Enterprise Architect working with Microsoft’s largest customers deploying Office SharePoint Server 2007.
About the speakers... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server 15 years in Enterprise IT ISPA Board Member Bob Fox - www.spfoxhole.com/Blog/ | bfox11b@verizon.net Most Valuable Professional | SharePoint Services Specializing in SharePoint architecture and deployment B&R Business Solutions, LLC IT Professional with over 15 years experience ISPA Board Member
Agenda Two-part session Part One (you missed it!) Authentication Methodologies Kerberos Overview Why Kerberos with SharePoint? Implementing Kerberos with SharePoint Common Problems Best Practices Part Two (this session!) Troubleshooting Shared Service Providers Search “Advanced” Scenarios Kerberos Only? More Tools Q&A/Discussion
Troubleshooting
Windows Event Log
First place to look
Sources
Kerberos
LSA
LsaSrv
Events include Kerberos Error Code
Document “Troubleshooting Kerberos Errors”
Includes Codes, Possible Causes, Resolutions
http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
Kerberos Auditing
Enabled via Registry
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogLevel
Value Type: REG_DWORD
Value Data: 1
Don’t leave on!
Document “Troubleshooting Kerberos Errors”
Includes Codes, Possible Causes, Resolutions
http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
Kerberos DebugView
Enabled via Registry
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\KerbDebugLevel
Value Type: DWORD
Data: c0000043 (outputs the most standard set of debug messages)
Try it first; if you still want to see more output, set it to ffffffff
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogToFile
Type: DWORD
Data: 1
Logs to %windir%\system32\lsass.log
Don’t leave on!
Network Monitor Or alternative network capture tools Wireshark, NetSniffer, EtherDetect etc. Captures packets for analysis Filter Capture for Authentication Will include detailed Kerberos related traffic Document “Troubleshooting Kerberos Errors” Includes Codes, Possible Causes, Resolutions http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
The Great Load Balancing Myth “Kerberos doesn’t work with our Load Balancer” Load Balancers don’t know or care about Kerberos It’s not a Kerberos issue, it’s an addressing issue SharePoint Web Application Configuration Don’t use CNames (again!) Configure host name/host headers correctly Certain Load Balancers need to address hosts directly
Demonstration Troubleshooting Kerberos
Shared Services
Shared Services stsadm.exe -o setsharedwebserviceauthn -negotiate
Issues with Shared Services .NET client can’t bind to the server using non-default ports Without host headers SSP services use non default ports without host headers http://server:56737 & https://server:56738 Indexer can’t crawl Kerberos Web Applications on non default ports
>1 SSP with different identities Office Server Web Services SharedServices1 HTTP/server1 domain\user1 Duplicate SPNs! HTTP/server1 domain\user2 SharedServices2
Shared Services Solution
Install Infrastructure Updates (or later) on all servers in farm
Add Registry Key
HKLM\Software\Microsoft\Office Server\12.0\KerberosSpnFormat
Type: DWORD, Data: 1
Reboot!
Configure SPNs (for each server in farm)
MSSP/server1:56737/SharedServices1
MSSP/server1:56738/SharedServices1
Configure Shared Services
stsadm.exe -o setsharedwebserviceauthn -negotiate
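The duplicate-SPN problem and the MSSP fix from the two slides above, as an added example that is not part of the original deck. It parses `setspn -L` style listings, flags any SPN held by more than one account, and builds the per-SSP MSSP SPNs; the sample listing, the distinguished names and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `setspn -L` output for the two SSP service accounts
# named on the slide (domain\user1 and domain\user2). The DNs are made up.
SAMPLE_LISTING = """\
Registered ServicePrincipalNames for CN=user1,CN=Users,DC=domain,DC=local:
        HTTP/server1
        HTTP/server1.domain.local
Registered ServicePrincipalNames for CN=user2,CN=Users,DC=domain,DC=local:
        http/SERVER1
        HTTP/server2
"""

HEADER = "Registered ServicePrincipalNames for "


def parse_setspn_listing(text):
    """Return {account_dn: [spn, ...]} from concatenated `setspn -L` output."""
    registrations = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith(HEADER):
            # Header line ends with ':' after the account's distinguished name.
            current = line[len(HEADER):].rstrip(":")
            registrations.setdefault(current, [])
        elif current is not None:
            registrations[current].append(line)
    return registrations


def find_duplicate_spns(registrations):
    """Return {spn: [accounts]} for every SPN registered to more than one account.

    SPNs are compared case-insensitively, so the keys are lower-cased.
    """
    owners = defaultdict(set)
    for account, spns in registrations.items():
        for spn in spns:
            owners[spn.lower()].add(account)
    return {spn: sorted(accts) for spn, accts in owners.items() if len(accts) > 1}


def mssp_spns(servers, ssp_name, ports=(56737, 56738)):
    """Build SPNs in the MSSP/<server>:<port>/<SSP name> form shown on the slide.

    The default ports are the SSP web service ports quoted in the deck.
    """
    return [f"MSSP/{server}:{port}/{ssp_name}"
            for server in servers for port in ports]


def plan(servers, ssp_accounts):
    """Map each SSP account to its MSSP SPNs and report any SPN still shared.

    ssp_accounts is {ssp_name: account}. Because the SSP name is part of the
    SPN, two SSPs on the same server no longer compete for one HTTP/<server>.
    """
    registrations = {account: mssp_spns(servers, ssp)
                     for ssp, account in ssp_accounts.items()}
    return registrations, find_duplicate_spns(registrations)


if __name__ == "__main__":
    for spn, accounts in find_duplicate_spns(
            parse_setspn_listing(SAMPLE_LISTING)).items():
        print(f"DUPLICATE {spn}: {', '.join(accounts)}")
    planned, clashes = plan(
        ["server1"],
        {"SharedServices1": r"domain\user1", "SharedServices2": r"domain\user2"},
    )
    for account, spns in planned.items():
        for spn in spns:
            print(f"{account}: {spn}")
    print("remaining duplicates:", clashes)
```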
Shared Services Kernel Mode Authentication Requires same configuration as end user applications You cannot mix and match NTLM and Kerberos In the same Farm Despite appearances Central Admin setting is scoped to SSP All SSPs must either be NTLM or Kerberos
Demonstration Shared Services
“advanced scenarios”

Monitoring Java Application Security with JDK Tools and JFR Events
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 

Kerberos part 2

  • 1. Spencer Harbar Kerberos Part Two: “Advanced” Scenarios and Additional Considerations
  • 2. About the speaker... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server SharePoint Patterns & Practices Advisory Board Member 15 years in Enterprise IT ISPA Board Member Enterprise Architect working with Microsoft’s largest customers deploying Office SharePoint Server 2007.
  • 3. About the speakers... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server 15 years in Enterprise IT ISPA Board Member Bob Fox - www.spfoxhole.com/Blog/ | bfox11b@verizon.net Most Valuable Professional | SharePoint Services Specializing in SharePoint architecture and deployment B&R Business Solutions, LLC IT Professional with over 15 years experience ISPA Board Member
  • 4. Agenda Two-part session Part One (you missed it!) Authentication Methodologies Kerberos Overview Why Kerberos with SharePoint? Implementing Kerberos with SharePoint Common Problems Best Practices Part Two (this session!) Troubleshooting Shared Service Providers Search “Advanced” Scenarios Kerberos Only? More Tools Q&A/Discussion
  • 10. LSA
  • 14. Includes Codes, Possible Causes, Resolutions
  • 16. Kerberos Auditing Enabled via Registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogLevel Value Type: REG_DWORD Value Data: 1 Don’t leave on! Document “Troubleshooting Kerberos Errors” Includes Codes, Possible Causes, Resolutions http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
  • 17. Kerberos DebugView Enabled via Registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\KerbDebugLevel Value Type: DWORD Data: c0000043 (outputs the most standard set of debug messages) Try it first; if you still want to see more output, set it to ffffffff HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogToFile Type: DWORD Data: 1 Logs to %windir%\system32\lsass.log Don’t leave on!
  • 18. Network Monitor Or alternative network capture tools Wireshark, NetSniffer, EtherDetect etc Captures packets for analysis Filter Capture for Authentication Will include detailed Kerberos related traffic Document “Troubleshooting Kerberos Errors” Includes Codes, Possible Causes, Resolutions http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
  • 19. The Great Load Balancing Myth “Kerberos doesn’t work with our Load Balancer” Load Balancers don’t know or care about Kerberos It’s not a Kerberos issue, it’s an addressing issue SharePoint Web Application Configuration Don’t use CNames (again!) Configure host name/host headers correctly Certain Load Balancers need to address hosts directly
  • 22. Shared Services stsadm.exe -o setsharedwebserviceauthn -negotiate
  • 23. Issues with Shared Services .NET client can’t bind to the server using non-default ports Without host headers SSP services use non default ports without host headers http://server:56737 & https://server:56738 Indexer can’t crawl Kerberos Web Applications on non default ports
  • 24. >1 SSP with different identities Office Server Web Services SharedServices1 HTTP/server1 domain\user1 Duplicate SPNs! HTTP/server1 domain\user2 SharedServices2
  • 25. Shared Services Solution Install Infrastructure Updates (or later) on all servers in farm Add Registry Key HKLM\Software\Microsoft\Office Server\12.0\KerberosSpnFormat Type: DWORD, Data: 1 Reboot! Configure SPNs (for each server in farm) MSSP/server1:56737/SharedServices1 MSSP/server1:56738/SharedServices1 Configure Shared Services stsadm.exe -o setsharedwebserviceauthn -negotiate
  • 26. Shared Services Kernel Mode Authentication Requires same configuration as end user applications You cannot mix and match NTLM and Kerberos In the same Farm Despite appearances Central Admin setting is scoped to SSP All SSPs must either be NTLM or Kerberos
  • 29. Delegation to External Apps All depends upon the application Potential for additional configuration “Middle Tier” Host Delegation Example SQL Server Reporting Services Host delegation if RS is on separate machines Web.config & RSReportServer.config
  • 30. Excel Services Do NOT follow KB953130! Easily the worst security KB ever authored Details a single MOSS server configuration! Just plain wrong, many steps unnecessary DCOM Configuration, Computer Account Delegation, etc OOTB Excel Services is a simple delegation scenario Configure Web App Application Pool account for delegation to SSP SPN stsadm.exe -o set-ecssecurity -ssp %SSPNAME% -accessmodel delegation
  • 31. Excel Services & Analysis Services A more common scenario Leveraging Data Connections When using with Analysis Services Additional Configuration Service Principal Names for Analysis Services MSOLAPSvc.3/HOST MSOLAPSvc.3/HOST:instance Middle Tier Delegation MSKB 917409
  • 33. Kerberos Only? IIS uses NTLM, Negotiate, or both NTAuthenticationProviders = “Negotiate” Does not mean Kerberos only Negotiate will always “fall back” to NTLM HTTP_AUTHORIZATION server variable Can be leveraged in HttpModule Unsupported IIS7 in Windows Server 2008 R2 supports Nego2 allows granular Kerberos/NTLM enablement Requires Windows 7 clients
  • 34. Essential Tools CLI: Setspn.exe Windows Server 2008: installed by default Windows Server 2003: part of Resource Kit or separate download http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd GUI: Adsiedit.msc Windows Server 2008: installed by default Windows Server 2003: part of support tools (on Windows CD) Kerbtray.exe http://www.microsoft.com/downloads/details.aspx?familyid=4E3A58BE-29F6-49F6-85BE-E866AF8E7A88 Klist.exe http://www.microsoft.com/DownLoads/details.aspx?familyid=1581E6E7-7E64-4A2D-8ABA-73E909D2A7DC Both part of the Windows 2003 Resource Kit Tools http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd Network Monitor 3.3 http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f Fiddler http://www.fiddlertool.com/ DelegConfig http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1434 http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1887
  • 37. Thank You! Please complete your evaluations It makes us better next time!
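
Slide 33 notes that Negotiate does not mean Kerberos only and that the HTTP_AUTHORIZATION value shows what the client actually sent. The following is an added example, not part of the original deck: a heuristic classifier for a captured Authorization header (from Fiddler or a network capture, for instance). The function names and sample tokens are constructed for illustration; the OIDs and the NTLMSSP signature are the standard published values.

```python
import base64

NTLMSSP = b"NTLMSSP\x00"                               # NTLM message signature
OID_SPNEGO = bytes.fromhex("06062b0601050502")         # 1.3.6.1.5.5.2
OID_KRB5 = bytes.fromhex("06092a864886f712010202")     # 1.2.840.113554.1.2.2
OID_MS_KRB5 = bytes.fromhex("06092a864882f712010202")  # 1.2.840.48018.1.2.2
OID_NTLM = bytes.fromhex("060a2b06010401823702020a")   # 1.3.6.1.4.1.311.2.2.10
AP_REQ = b"\x01\x00"                                   # GSS Kerberos TOK_ID for AP-REQ


def classify_authorization(header_value):
    """Return 'kerberos', 'ntlm', 'unknown', 'malformed' or 'other'."""
    scheme, _, blob = header_value.strip().partition(" ")
    if scheme.lower() not in ("negotiate", "ntlm"):
        return "other"
    try:
        token = base64.b64decode(blob.strip(), validate=True)
    except ValueError:
        return "malformed"
    if not token:
        return "malformed"
    # Raw NTLM, or NTLM carried as the SPNEGO mechToken (the fallback case).
    if NTLMSSP in token:
        return "ntlm"
    # A Kerberos AP-REQ is the mechanism OID followed by TOK_ID 01 00; an OID
    # that only appears in the offered mechTypes list does not match this.
    if token[:1] == b"\x60" and any(o + AP_REQ in token for o in (OID_KRB5, OID_MS_KRB5)):
        return "kerberos"
    return "unknown"


def der(tag, body):
    """Short-form DER TLV (length < 128), enough for the constructed samples."""
    return bytes([tag, len(body)]) + body


def constructed_header(mech_token):
    """Build a constructed SPNEGO NegTokenInit that offers Kerberos and NTLM."""
    mech_types = der(0xA0, der(0x30, OID_MS_KRB5 + OID_KRB5 + OID_NTLM))
    init = der(0xA0, der(0x30, mech_types + der(0xA2, der(0x04, mech_token))))
    token = der(0x60, OID_SPNEGO + init)
    return "Negotiate " + base64.b64encode(token).decode()


KERBEROS_LEG = der(0x60, OID_KRB5 + AP_REQ + b"constructed-ap-req")  # constructed
NTLM_LEG = NTLMSSP + b"\x01\x00\x00\x00" + b"\x00" * 8               # constructed

if __name__ == "__main__":
    print([classify_authorization(constructed_header(t)) for t in (KERBEROS_LEG, NTLM_LEG)])
```

Both constructed headers offer the Kerberos OIDs in the mechanism list, yet only the first carries a Kerberos token; the second is the NTLM fallback the slide describes.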

Editor's Notes

  1. SPENCE WILL KICK OFF
  2. SPENCE & BOB
  3. Spence
  4. Spence Demo
  5. Bob
  6. Spence Demo
  7. Spence
  8. Spence
  9. Spence Demo
  10. Spence