[ActiveDir] Kerberos Delegation

[Carlos Magalhaes]

Hey all,   Ok late at night here and I’ve hit a mental block (don’t laugh Dean). I have set this up like a gazillion times but this time cant get it to work.   Environment:   Windows 2003 Native Forest Mode – All clients Windows XP SP2 and above   Single forest single domain setup   Web Server – Windows Server 2003 Web Edition Share Point Team Services installed.   That site has a web part that requires Kerb delegation for access to a ISA firewall in order to stream RSS feeds. I can see on the ISA server that when ever any user hits the site the HTTP request is sent as ANONYMOUS.   So what I have done:   I have - Set webserver for delegation (Kerb Only) I have - Created username in AD and set for Delegation (Kerb Only) I have - Set the Share Point Portal Application Pools (IIS 6.0)  to use the AD user mentioned above for the Identity of the App Pool (rebooted IIS server) a.       Purged all tickets as well. I have - registerd a SPN for the -A HTTP DOMAIN\User mentioned Above   Still get Anonymous access on the ISA box, and using some normal .net code can see that its not delegating the creds correctly, can anyone see what I am doing wrong or what I should be doing? Thanks I appreciate the help so late in my night J   Carlos