We now have it working though it takes an excessive long time for the ntlm/auth to return an answer (30+ seconds). Not sure where to go right now, I opened a support case, hopefully we'll get to the bottom of it. If anybody knows what log file to look in, point me in the right direction please.
One mod was needed to the bottom line of the kerberosconfig.bat from:
ktpass /princ HTTP/insights-dev.cnvrmedia.net.CORP.VALUECLICK.COM /pass %adpass% /ptype KRB5_NT_PRINCIPAL /out keytabs\kerberos.keytab
ktpass /princ HTTP/insights-dev.cnvrmedia.net@CORP.VALUECLICK.COM /pass %adpass% /ptype KRB5_NT_PRINCIPAL /out keytabs\kerberos.keytab
Is anybody out there using Kerberos? I have a case opened up with support and it is sitting idle. I have it working however it seems that the mtlm/auth request is taking 30+ seconds to return an answer.
We use Kerberos for auto-login and for SQL Server impersonation. All traffic goes through an F5 BIG-IP, and we do not have any issues with long auth requests. Relevant logs would be httpd access logs, and probably the Security events in Windows--that's where I'd look if you haven't already. But I've not had to dig much into auth issues with Kerberos--it's made things a lot easier for us.