Spencer Harbar Kerberos Part Two: “Advanced” Scenarios and Additional Considerations
About the speaker... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server SharePoint Patterns & Practices Advisory Board Member 15 years in Enterprise IT ISPA Board Member Enterprise Architect working with Microsoft’s largest customers deploying Office SharePoint Server 2007.
About the speakers... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server 15 years in Enterprise IT ISPA Board Member Bob Fox - www.spfoxhole.com/Blog/ | bfox11b@verizon.net Most Valuable Professional | SharePoint Services Specializing in SharePoint architecture and deployment B&R Business Solutions, LLC IT Professional with over 15 years experience ISPA Board Member
Agenda Two-part session Part One (you missed it!) Authentication Methodologies Kerberos Overview Why Kerberos with SharePoint? Implementing Kerberos with SharePoint Common Problems Best Practices Part Two (this session!) Troubleshooting Shared Service Providers Search “Advanced” Scenarios Kerberos Only? More Tools Q&A/Discussion
Troubleshooting
Windows Event Log
First place to look
Sources
Kerberos
LSA
LsaSrv
Events include Kerberos Error Code
Document “Troubleshooting Kerberos Errors”
Includes Codes, Possible Causes, Resolutions
http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
Kerberos Auditing
Enabled via Registry
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogLevel
Value Type: REG_DWORD
Value Data: 1
Don’t leave on!
Document “Troubleshooting Kerberos Errors”
Includes Codes, Possible Causes, Resolutions
http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
Kerberos DebugView
Enabled via Registry
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\KerbDebugLevel
Value Type: DWORD
Data: c0000043 (outputs the most standard set of debug messages)
Try it first; if you still want to see more output, set it to ffffffff
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogToFile
Type: DWORD
Data: 1
Logs to %windir%\system32\lsass.log
Don’t leave on!
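An added example (not part of the original deck): a PowerShell wrapper that sets the LogLevel value from the slides only while a failing request is reproduced, collects the resulting System-log events, and always removes the diagnostic values afterwards, which is what "Don’t leave on!" asks for. It assumes an elevated session on the affected server; the function names, the provider-name filter and the sample URL are choices made for this example.

```powershell
# Added example. The registry path and value names are the ones on the slides;
# the function names are hypothetical. Run from an elevated PowerShell session.
$KerbParams     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters'
$KerbDiagValues = 'LogLevel', 'KerbDebugLevel', 'LogToFile'

function Get-KerberosDiagnosticState {
    # Reports each diagnostic value so a setting left behind is easy to spot.
    param([string]$Path = $KerbParams)
    foreach ($name in $KerbDiagValues) {
        $value = $null
        if (Test-Path -Path $Path) {
            $item = Get-ItemProperty -Path $Path -Name $name -ErrorAction SilentlyContinue
            if ($null -ne $item) { $value = $item.$name }
        }
        [pscustomobject]@{
            Name    = $name
            Value   = $value
            Enabled = ($null -ne $value -and $value -ne 0)
        }
    }
}

function Disable-KerberosDiagnostics {
    # Removes all three values, including any that were set before this script ran.
    param([string]$Path = $KerbParams)
    if (-not (Test-Path -Path $Path)) { return }
    foreach ($name in $KerbDiagValues) {
        Remove-ItemProperty -Path $Path -Name $name -ErrorAction SilentlyContinue
    }
}

function Invoke-WithKerberosLogging {
    # Enables LogLevel = 1, runs the reproduction, returns matching events,
    # and cleans up in 'finally' even if the reproduction throws.
    param(
        [Parameter(Mandatory)] [scriptblock]$Reproduce,
        [string]$Path = $KerbParams
    )
    $start = Get-Date
    if (-not (Test-Path -Path $Path)) { New-Item -Path $Path -Force | Out-Null }
    try {
        New-ItemProperty -Path $Path -Name 'LogLevel' -PropertyType DWord -Value 1 -Force | Out-Null
        & $Reproduce | Out-Null
        # Event sources named on the slide: Kerberos, LSA, LsaSrv (matched by name here).
        Get-WinEvent -FilterHashtable @{ LogName = 'System'; StartTime = $start } -ErrorAction SilentlyContinue |
            Where-Object { $_.ProviderName -match 'Kerberos|Lsa' } |
            Select-Object TimeCreated, ProviderName, Id, Message
    }
    finally {
        Disable-KerberosDiagnostics -Path $Path
    }
}

# Usage (portal.example.test is a placeholder host):
# Invoke-WithKerberosLogging -Reproduce {
#     Invoke-WebRequest -Uri 'http://portal.example.test/' -UseDefaultCredentials
# }
# Get-KerberosDiagnosticState | Where-Object Enabled
```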
Network Monitor Or alternative network capture tools Wireshark, NetSniffer, EtherDetect etc. Captures packets for analysis Filter Capture for Authentication Will include detailed Kerberos related traffic Document “Troubleshooting Kerberos Errors” Includes Codes, Possible Causes, Resolutions http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
The Great Load Balancing Myth “Kerberos doesn’t work with our Load Balancer” Load Balancers don’t know or care about Kerberos It’s not a Kerberos issue, it’s an addressing issue SharePoint Web Application Configuration Don’t use CNames (again!) Configure host name/host headers correctly Certain Load Balancers need to address hosts directly
Demonstration Troubleshooting Kerberos
Shared Services
Shared Services stsadm.exe -o setsharedwebserviceauthn -negotiate
Issues with Shared Services .NET client can’t bind to the server using non-default ports Without host headers SSP services use non default ports without host headers http://server:56737 & https://server:56738 Indexer can’t crawl Kerberos Web Applications on non default ports
>1 SSP with different identities Office Server Web Services SharedServices1 HTTP/server1 domain\user1 Duplicate SPNs! HTTP/server1 domain\user2 SharedServices2
Shared Services Solution
Install Infrastructure Updates (or later) on all servers in farm
Add Registry Key HKLM\Software\Microsoft\Office Server\12.0\KerberosSpnFormat
Type: DWORD, Data: 1
Reboot!
Configure SPNs (for each server in farm)
MSSP/server1:56737/SharedServices1
MSSP/server1:56738/SharedServices1
Configure Shared Services
stsadm.exe -o setsharedwebserviceauthn -negotiate
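An added example (not part of the original deck) for the duplicate-SPN problem and the MSSP fix on the two slides above: it builds the MSSP SPNs the solution slide calls for, then checks a set of registrations for SPNs held by more than one account and for expected SPNs that are missing. It generalizes to several servers and SSPs; the function names are hypothetical and the sample registrations, including which account owns which SSP, are constructed from the names on the slides.

```powershell
# Added example. Function names are hypothetical; sample data is constructed.
function Get-ExpectedSspSpn {
    # One SPN per server, SSP and port, in the MSSP/<server>:<port>/<SSP> form from the slide.
    param(
        [Parameter(Mandatory)] [string[]]$Server,
        [Parameter(Mandatory)] [string[]]$SspName,
        [int[]]$Port = @(56737, 56738)
    )
    foreach ($s in $Server) {
        foreach ($n in $SspName) {
            foreach ($p in $Port) { "MSSP/${s}:$p/$n" }
        }
    }
}

function Find-DuplicateSpn {
    # Returns every SPN that is registered to more than one account.
    # SPN comparison is case-insensitive, so group on the lower-cased value.
    param([Parameter(Mandatory)] [object[]]$Registration)
    $Registration |
        Group-Object -Property { $_.Spn.ToLowerInvariant() } |
        ForEach-Object {
            $accounts = @($_.Group | ForEach-Object { $_.Account } | Sort-Object -Unique)
            if ($accounts.Count -gt 1) {
                [pscustomobject]@{ Spn = $_.Group[0].Spn; Accounts = $accounts }
            }
        }
}

function Find-MissingSpn {
    # Returns expected SPNs that no account has registered.
    param(
        [Parameter(Mandatory)] [string[]]$Expected,
        [Parameter(Mandatory)] [object[]]$Registration
    )
    $registered = @($Registration | ForEach-Object { $_.Spn })
    $Expected | Where-Object { $registered -notcontains $_ }
}

# Constructed sample: the state shown on the "Duplicate SPNs!" slide.
$before = @(
    [pscustomobject]@{ Account = 'domain\user1'; Spn = 'HTTP/server1' }
    [pscustomobject]@{ Account = 'domain\user2'; Spn = 'HTTP/server1' }
)

# Constructed sample: a partly completed move to MSSP SPNs.
# Assumption: SharedServices1 runs as domain\user1, SharedServices2 as domain\user2.
$after = @(
    [pscustomobject]@{ Account = 'domain\user1'; Spn = 'MSSP/server1:56737/SharedServices1' }
    [pscustomobject]@{ Account = 'domain\user1'; Spn = 'MSSP/server1:56738/SharedServices1' }
    [pscustomobject]@{ Account = 'domain\user2'; Spn = 'MSSP/server1:56737/SharedServices2' }
)

$expected = Get-ExpectedSspSpn -Server 'server1' -SspName 'SharedServices1', 'SharedServices2'

Find-DuplicateSpn -Registration $before                    # conflict check on the HTTP/ SPNs
Find-DuplicateSpn -Registration $after                     # same check after switching to MSSP/ SPNs
Find-MissingSpn -Expected $expected -Registration $after   # MSSP SPNs still to be configured
```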
Shared Services Kernel Mode Authentication Requires same configuration as end user applications You cannot mix and match NTLM and Kerberos In the same Farm Despite appearances Central Admin setting is scoped to SSP All SSPs must either be NTLM or Kerberos
Demonstration Shared Services
“advanced scenarios”

Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 

Kerberos part 2

  • 1. Spencer Harbar Kerberos Part Two: “Advanced” Scenarios and Additional Considerations
  • 2. About the speaker... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server SharePoint Patterns & Practices Advisory Board Member 15 years in Enterprise IT ISPA Board Member Enterprise Architect working with Microsoft’s largest customers deploying Office SharePoint Server 2007.
  • 3. About the speakers... Spencer Harbar - www.harbar.net | spence@harbar.net Microsoft Certified Master | SharePoint 2007 Microsoft Certified Master | SharePoint Instructor & Author Most Valuable Professional | SharePoint Server 15 years in Enterprise IT ISPA Board Member Bob Fox - www.spfoxhole.com/Blog/ | bfox11b@verizon.net Most Valuable Professional | SharePoint Services Specializing in SharePoint architecture and deployment B&R Business Solutions, LLC IT Professional with over 15 years experience ISPA Board Member
  • 4. Agenda Two-part session Part One (you missed it!) Authentication Methodologies Kerberos Overview Why Kerberos with SharePoint? Implementing Kerberos with SharePoint Common Problems Best Practices Part Two (this session!) Troubleshooting Shared Service Providers Search “Advanced” Scenarios Kerberos Only? More Tools Q&A/Discussion
  • 10. LSA
  • 14. Includes Codes, Possible Causes, Resolutions
  • 16. Kerberos Auditing Enabled via Registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogLevel Value Type: REG_DWORD Value Data: 1 Don’t leave on! Document “Troubleshooting Kerberos Errors” Includes Codes, Possible Causes, Resolutions http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
  • 17. Kerberos DebugView Enabled via Registry HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\KerbDebugLevel Value Type: DWORD Data: c0000043 (outputs the most standard set of debug messages) Try it first. If you still want to see more output, set it to ffffffff HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters\LogToFile Type: DWORD Data: 1 Logs to %windir%\system32\lsass.log Don’t leave on!
  • 18. Network Monitor Or alternative network capture tools Wireshark, NetSniffer, EtherDetect etc Captures packets for analysis Filter Capture for Authentication Will include detailed Kerberos related traffic Document “Troubleshooting Kerberos Errors” Includes Codes, Possible Causes, Resolutions http://www.microsoft.com/downloads/details.aspx?FamilyID=7DFEB015-6043-47DB-8238-DC7AF89C93F1
  • 19. The Great Load Balancing Myth “Kerberos doesn’t work with our Load Balancer” Load Balancers don’t know or care about Kerberos It’s not a Kerberos issue, it’s an addressing issue SharePoint Web Application Configuration Don’t use CNames (again!) Configure host name/host headers correctly Certain Load Balancers need to address hosts directly
  • 22. Shared Services stsadm.exe -o setsharedwebserviceauthn -negotiate
  • 23. Issues with Shared Services .NET client can’t bind to the server using non-default ports Without host headers SSP services use non default ports without host headers http://server:56737 & https://server:56738 Indexer can’t crawl Kerberos Web Applications on non default ports
  • 24. >1 SSP with different identities Office Server Web Services SharedServices1 HTTP/server1 domain\user1 Duplicate SPNs! HTTP/server1 domain\user2 SharedServices2
  • 25. Shared Services Solution Install Infrastructure Updates (or later) on all servers in farm Add Registry Key HKLM\Software\Microsoft\Office Server\12.0\KerberosSpnFormat Type: DWORD, Data: 1 Reboot! Configure SPNs (for each server in farm) MSSP/server1:56737/SharedServices1 MSSP/server1:56738/SharedServices1 Configure Shared Services stsadm.exe -o setsharedwebserviceauthn -negotiate
  • 26. Shared Services Kernel Mode Authentication Requires same configuration as end user applications You cannot mix and match NTLM and Kerberos In the same Farm Despite appearances Central Admin setting is scoped to SSP All SSPs must either be NTLM or Kerberos
  • 29. Delegation to External Apps All depends upon the application Potential for additional configuration “Middle Tier” Host Delegation Example SQL Server Reporting Services Host delegation if RS is on separate machines Web.config & RSReportServer.config
  • 30. Excel Services Do NOT follow KB953130! Easily the worst security KB ever authored Details a single MOSS server configuration! Just plain wrong, many steps unnecessary DCOM Configuration, Computer Account Delegation, etc OOTB Excel Services is a simple delegation scenario Configure Web App Application Pool account for delegation to SSP SPN stsadm.exe -o set-ecssecurity -ssp %SSPNAME% -accessmodel delegation
  • 31. Excel Services & Analysis Services A more common scenario Leveraging Data Connections When using with Analysis Services Additional Configuration Service Principal Names for Analysis Services MSOLAPSvc.3/HOST MSOLAPSvc.3/HOST:instance Middle Tier Delegation MSKB 917409
  • 33. Kerberos Only? IIS uses NTLM, Negotiate, or both NTAuthenticationProviders = “Negotiate” Does not mean Kerberos only Negotiate will always “fall back” to NTLM HTTP_AUTHORIZATION server variable Can be leveraged in HttpModule Unsupported IIS7 in Windows Server 2008 R2 supports Nego2 allows granular Kerberos/NTLM enablement Requires Windows 7 clients
  • 34. Essential Tools CLI: Setspn.exe Windows Server 2008: installed by default Windows Server 2003: part of Resource Kit or separate download http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd GUI: Adsiedit.msc Windows Server 2008: installed by default Windows Server 2003: part of support tools (on Windows CD) Kerbtray.exe http://www.microsoft.com/downloads/details.aspx?familyid=4E3A58BE-29F6-49F6-85BE-E866AF8E7A88 Klist.exe http://www.microsoft.com/DownLoads/details.aspx?familyid=1581E6E7-7E64-4A2D-8ABA-73E909D2A7DC Both part of the Windows 2003 Resource Kit Tools http://www.microsoft.com/downloads/details.aspx?familyid=9d467a69-57ff-4ae7-96ee-b18c4790cffd Network Monitor 3.3 http://www.microsoft.com/downloads/details.aspx?FamilyID=983b941d-06cb-4658-b7f6-3088333d062f Fiddler http://www.fiddlertool.com/ DelegConfig http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1434 http://www.iis.net/downloads/default.aspx?tabid=34&g=6&i=1887
  • 37. Thank You! Please complete your evaluations It makes us better next time!
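Slide 33 notes that Negotiate always falls back to NTLM and that the HTTP_AUTHORIZATION value can be inspected. The Python sketch below is an added example, not code from the presentation: it reads the initial token of an Authorization header and reports which mechanism it carries. The function names and sample headers are constructed for illustration.

```python
import base64
SPNEGO_OID = bytes.fromhex("2b0601050502")               # 1.3.6.1.5.5.2
MECH_NAMES = {                                            # DER OID value bytes
    bytes.fromhex("2a864886f712010202"): "Kerberos",      # 1.2.840.113554.1.2.2
    bytes.fromhex("2a864882f712010202"): "Kerberos",      # 1.2.840.48018.1.2.2 (legacy Microsoft)
    bytes.fromhex("2b06010401823702020a"): "NTLM",        # 1.3.6.1.4.1.311.2.2.10
}

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) of the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, pos, pos + length

def classify_authorization(header_value):
    """Name the mechanism carried by the initial token of an Authorization header."""
    scheme, _, blob = header_value.strip().partition(" ")
    if scheme.lower() not in ("negotiate", "ntlm"):
        return "not-integrated-auth"
    try:
        token = base64.b64decode(blob.strip(), validate=True)
        if token.startswith(b"NTLMSSP\x00"):       # bare NTLM message: the fallback case
            return "NTLM"
        outer, pos, _ = read_tlv(token, 0)          # 0x60 = GSS-API initial token
        tag, start, pos = read_tlv(token, pos)      # 0x06 = mechanism OID
        if (outer, tag) != (0x60, 0x06):
            return "unknown"
        if token[start:pos] != SPNEGO_OID:          # Kerberos AP-REQ without SPNEGO wrapper
            return MECH_NAMES.get(token[start:pos], "unknown")
        # NegTokenInit: [0] SEQUENCE { [0] mechTypes SEQUENCE { OID, ... } }
        for expected in (0xA0, 0x30, 0xA0, 0x30, 0x06):
            tag, start, end = read_tlv(token, pos)
            if tag != expected:
                return "unknown"
            pos = start
        return MECH_NAMES.get(token[start:end], "unknown")   # first = preferred mechanism
    except (IndexError, ValueError):
        return "malformed"

# Constructed sample headers: token prefixes only, no real tickets or hashes.
SAMPLES = {
    "kerberos": "Negotiate " + base64.b64encode(bytes.fromhex(
        "601b06062b0601050502a011300fa00d300b06092a864886f712010202")).decode(),
    "ntlm_fallback": "Negotiate " + base64.b64encode(b"NTLMSSP\x00\x01\x00\x00\x00").decode(),
}
```

Run over headers taken from a Network Monitor or Fiddler capture, a result of NTLM on a web application configured for Negotiate is the fallback the slide describes.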
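Slides 24 and 25 describe the duplicate SPN that appears when two SSPs run under different identities, and the MSSP SPN format that removes it. The check below is an added example, not part of the deck: it parses `setspn -L` style listings and reports any SPN registered on more than one account. The account DNs, the domain name and the SharedServices2 SPNs are constructed assumptions that follow the slide's format.

```python
from collections import defaultdict

HEADER = "Registered ServicePrincipalNames for "

def parse_setspn_listing(text):
    """Map each account DN to its SPNs from concatenated `setspn -L` style listings."""
    accounts, current = defaultdict(list), None
    for line in text.splitlines():
        if line.startswith(HEADER):
            current = line[len(HEADER):].rstrip(": ")
        elif line.strip() and current is not None:
            accounts[current].append(line.strip())
    return dict(accounts)

def find_duplicate_spns(accounts):
    """Return {spn: [accounts]} for every SPN registered on more than one account."""
    owners = defaultdict(set)
    for account, spns in accounts.items():
        for spn in spns:
            owners[spn.lower()].add(account)      # SPN matching is case-insensitive
    return {spn: sorted(a) for spn, a in owners.items() if len(a) > 1}

# Constructed listing modelled on slide 24: two SSP identities, same HTTP SPN.
BEFORE = """\
Registered ServicePrincipalNames for CN=user1,CN=Users,DC=domain,DC=local:
    HTTP/server1
Registered ServicePrincipalNames for CN=user2,CN=Users,DC=domain,DC=local:
    HTTP/server1
"""

# Same accounts using slide 25's MSSP/<server>:<port>/<SSP name> format (constructed).
AFTER = """\
Registered ServicePrincipalNames for CN=user1,CN=Users,DC=domain,DC=local:
    MSSP/server1:56737/SharedServices1
    MSSP/server1:56738/SharedServices1
Registered ServicePrincipalNames for CN=user2,CN=Users,DC=domain,DC=local:
    MSSP/server1:56737/SharedServices2
    MSSP/server1:56738/SharedServices2
"""

if __name__ == "__main__":
    print("before:", find_duplicate_spns(parse_setspn_listing(BEFORE)))
    print("after: ", find_duplicate_spns(parse_setspn_listing(AFTER)))
```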

Editor's notes

  1. SPENCE WILL KICK OFF
  2. SPENCE & BOB
  3. Spence
  4. Spence Demo
  5. Bob
  6. Spence Demo
  7. Spence
  8. Spence
  9. Spence Demo
  10. Spence