
Hi, I would really appreciate prompt assistance with the following question. I am installing K2 blackpearl (latest and greatest) on a client environment.

K2 workspace and K2 server are on the same dedicated box (Win 2008, IIS7). SQL server is on another. No SharePoint or Reporting integration yet.

I am configuring the authentication to be Kerberos. Following the documentation, I have set SPNs for K2 Workspace and K2 Service Account. Delegation and everything is set.

OK, so I have installed the workspace on port 80. The workspace authentication mode is Windows Integrated. I didn't set the 'Enable Direct Metabase Edit' or the adsutil.vbs, because it doesn't seem to be applicable.

So I am trying to validate the Kerberos setup and K2 Workspace...

On localhost, the workspace opens successfully with the K2 service (or any other domain) account. When we open the workspace in IE8 on another machine (in the same, and only, domain) we are prompted multiple times for credentials, before it errors out.

Yes, the site is added to the Trusted, always pass credentials, etc. In Firefox it kind of works (navigation is messed up, but the site opens).

On the Workspace/K2 server I now see a bunch of Kerberos errors.

Please help? It must be something related to the authentication mode and the Kerberos setup. I am 100% sure the SPNs are set correctly, I did it myself and triple-checked everything.

To summarize - when opening the workspace from another computer, I am being prompted 4 or 5 times for the same credentials, then it errors out.

<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" />
    <EventID>4625</EventID>
    <Version>0</Version>
    <Level>0</Level>
    <Task>12544</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8010000000000000</Keywords>
    <TimeCreated SystemTime="2010-03-01T16:26:08.888Z" />
    <EventRecordID>13014</EventRecordID>
    <Correlation />
    <Execution ProcessID="596" ThreadID="716" />
    <Channel>Security</Channel>
    <Computer>SPTESTBP1.some.domain</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="SubjectUserSid">S-1-0-0</Data>
    <Data Name="SubjectUserName">-</Data>
    <Data Name="SubjectDomainName">-</Data>
    <Data Name="SubjectLogonId">0x0</Data>
    <Data Name="TargetUserSid">S-1-0-0</Data>
    <Data Name="TargetUserName">
    </Data>
    <Data Name="TargetDomainName">
    </Data>
    <Data Name="Status">0xc000006d</Data>
    <Data Name="FailureReason">%%2313</Data>
    <Data Name="SubStatus">0xc000006a</Data>
    <Data Name="LogonType">3</Data>
    <Data Name="LogonProcessName">Kerberos</Data>
    <Data Name="AuthenticationPackageName">Kerberos</Data>
    <Data Name="WorkstationName">-</Data>
    <Data Name="TransmittedServices">-</Data>
    <Data Name="LmPackageName">-</Data>
    <Data Name="KeyLength">0</Data>
    <Data Name="ProcessId">0x0</Data>
    <Data Name="ProcessName">-</Data>
    <Data Name="IpAddress">192.168.1.XXX</Data>
    <Data Name="IpPort">64086</Data>
  </EventData>
</Event>

Actually I may have figured it out. In the K2 documentation there is a whole chapter about Windows 2008 configuration which I missed. I will keep you posted.


The following blogs should help as well:


http://www.k2underground.com/blogs/infrastructure_spotlight/archive/2009/07/06/windows-server-2008.aspx


http://www.k2underground.com/blogs/johnny/archive/2009/08/19/some-differences-when-configuring-kerberos-with-host-headers-on-a-ssrs-2008-setup-with-0807v3-0-on-windows-2008.aspx


http://www.k2distillery.com/2009/10/iis-7-kerberos-configuration.html


Check the IE settings: Make sure the site is added under 'Trusted Sites' on your remote machine and set the Security levels for this zone to LOW. Open Custom level and go right down to the bottom, under User Authentication make sure the radio button is in the “Automatically logon with current user..”. Also, under Advanced Internet Options, make sure 'Enable Integrated Windows Authentication (requires restart)' is checked.


Vernon

