- Kerberos is an authentication protocol that allows clients to prove their identity to servers in a secure manner. - The logon process involves a client requesting a Ticket Granting Ticket from the Key Distribution Center, which can then be used to request service tickets for specific servers. - Accessing a web site involves the client sending its Ticket Granting Ticket to the Ticket Granting Service to request a service ticket for the web server, which is then used to authenticate to that server. - Common issues that can break Kerberos authentication include time synchronization problems, missing or duplicate service principal names, and expired client tickets.