K2 blackpearl Product Documentation: Installation and Configuration Guide
Farm configuration for Kerberos delegation
K2 blackpearl Installation and Configuration Guide > Prerequisites > Environment Configuration > User Authentication and Security > Kerberos for Windows Server 2008 > Farm configuration for Kerberos delegation Send feedback

Farm configuration for Kerberos delegation

Configuring Kerberos is an advanced task and should only be performed by an appropriately trained professional. The steps and configurations given in this help file are to be used as a guide - your system may require additional configuration due to different hardware and software compatibilities.

This topic deals with Farm configuration for Kerberos delegation and also applies to “Host” or “A” type DNS records.

Create a “Host” or “A” type DNS record.

Add SPNs to the Application pool identity or Service account (depending on if this is a web application or NT service)
Activate delegation on the service account/ application pool identity. (this is done through Active directory users and groups.

For Web servers only: force Kernel mode and Application pool identity use for delegation on the site.

See the section “IIS 7.0 – activate settings for the application pool” for more detail.
While infrastructure changes are required by K2, each environment is different and has its peculiarities which must be taken into account. Modifying the infrastructure could have unforeseen results if the changes are not appropriately understood or managed. Given the broad spectrum of underlying infrastructure utilized, it is recommended that a panel or committee with appropriate skill in each area concerned be assembled to outline the underlying infrastructure changes and gauge the impact of the required changes.

 

 

K2 blackpearl Product Documentation: Installation and Configuration Guide 4.6.10