Kerberos setup for SharePoint 2013
If using Kerberos then the following needs configuring (this is similar to how it is done for SP2010). Note: The authentication method for Web Applications must be Claims (the default) if you want to support all SharePoint App scenarios. Classic Windows authentication is not supported (in SharePoint 2013 the only way to create this type of Web Application is using PowerShell). Create SPNs In a PowerShell window create the SPN’s for each web application for both the short name and FQDN, e.g. setSPN –S HTTP/PORTAL DOMAIN\PortalAppPool setSPN –S HTTP/PORTAL.DOMAIN.COM DOMAIN\PortalAppPool Allow ‘Trust for delegation’ Open Active Directory Users and Computers applet View the Properties for your SharePoint server On the Delegation tab select Trust this computer for delegation to any service Click Ok Repeat steps a-d for any other servers that will need to delegate authentication, e.g. all WFE’s, CA, App server, etc. Configure SharePoint Web Application to use Kerberos authenti...