Skip to main content

All,
I am stuck trying to figure this installation out.  I want to use Kerberos for K2 because I don't want to run into an issue down the road where users try to communicate with another server and the double hop issue comes into play.  Also, when we upgrade to SP13 we will be using Kerberos.   The problem I am facing is that the current SharePoint environment was setup to use NTLM, no claims. 


So my question is if K2 is setup to use Kerberos will it still function correctly against a SharePoint farm using NTLM? 

You should be able to configure K2 meet this requirement. 

 

First, you will need to configure K2 for Kerberos by setting the proper SPNs and delegation settings for the K2 Service accounts. Information on that can be found here: Kerberos Whitepaper

 

Second, you will need to set the delegationcontext in the K2HostServer.EXE.Config file to clientWindows. What is going to happen is that any call to K2 will attempt to use Kerberos and if that fails, it will then attempt to use Pass Through (NTLM).

 

The tricky part here is that I have seen scenarios where an incorrect Kerberos configuration can cause issues such as having SPNs on a service account that isn't fully configured for Kerberos but an attempt was made and now the left over artifacts from that attemp cause undesirable authentication issues with K2.

 

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings