0

Kerberos Authentication Limitation (version 24)

Kerberos does not work when connecting to Identity from the local server using a FQDN

When a client on the Identity server connects to Identity using a FQDN and attempts to authenticate with Kerberos, the authentication will fail and a credentials dialog will appear. Entering valid credentials into the dialog will also fail, and the dialog will reappear.

This is happening because of a security feature in Windows that prevents authentication on the loopback address when the request is made using the FQDN. A description of the problem and a workaround are in KB 926642 . As stated in the article, the workaround is not recommended because it "may make your computer or your network more vulnerable to attack".

Reply

null