Fabian Williams SharePoint Blog

Solving problems with SharePoint day and night

How To: Configure and Consume Kerberos for use in SQL Server 2008 R2 and SharePoint 2010 Part 2


 

Part 1: – How To: Configure and Consume Kerberos for use in SQL Server 2008 R2 and SharePoint 2010 Part1

Part 2: – Configuring Service Applications, Sites, and Verifying our Work

Part 3: – Test out Using Web Parts and Communicating Securely across Web Applications with Kerberos

 

Synopsis

In Part 1 we covered the installation of SQL, creating SPN’s for SQL, creating and configuring Service Accounts for SharePoint and the requite SPNs for SharePoint Service Applications and Web Applications.  In this Part 2 we will pick up from there an build out the following

  • Create, Configure Search Service Application
  • Create Kerberos Authentication Web Applications for
    • Intranet Site – Portal
    • Team Site – Teams
    • My Site – My
  • Create Site Collections for all three

Part 5: How to Make it Work

NEXT I WILL START CREATING SERVICE APPLICATIONS

MY FIRST ONE WILL BE SEARCH SO WHEN I CREATE MY SITES, THEY CAN ALREADY BE SQUARED AWAY FOR CRAWLING AND SEARCHING

So, right now my Service Applications is Naked.. lets get Search done first so when we create or Web Apps they will be added to the Content Source of the Search Service Applicaitons.

clip_image001

Screen clipping taken: 8/14/2010 11:29 AM

clip_image002

Screen clipping taken: 8/14/2010 11:39 AM

clip_image003

Screen clipping taken: 8/14/2010 11:49 AM

clip_image004

Screen clipping taken: 8/14/2010 11:51 AM

Now I will create my Web Apps for

  1. Portal
  1. Teams
  1. My

Right now the only Site is the Admin Site

clip_image005

Screen clipping taken: 8/14/2010 12:01 PM

We begin by creating a new Web App for our Portal

clip_image006

Screen clipping taken: 8/14/2010 12:03 PM

Change the Auth Provider to Kerberos

clip_image007

Screen clipping taken: 8/14/2010 12:04 PM

Create a new App Pool with the Managed Account that we have and already created the SPN for

Name your Content DB appropriately

clip_image008

Screen clipping taken: 8/14/2010 12:05 PM

Accept the other Defaults

clip_image009

Screen clipping taken: 8/14/2010 12:06 PM

Once you click OK you will get prompted about the use of Kerberos

clip_image010

Screen clipping taken: 8/14/2010 12:06 PM

clip_image011

Screen clipping taken: 8/14/2010 12:09 PM

Comfirmation is provided

clip_image012

Screen clipping taken: 8/14/2010 12:10 PM

Verify Auth Provider

clip_image013

Screen clipping taken: 8/14/2010 12:11 PM

Click Default

clip_image014

Screen clipping taken: 8/14/2010 12:14 PM

clip_image015

Screen clipping taken: 8/14/2010 12:14 PM

Now lets create a Site collection

clip_image016

Screen clipping taken: 8/14/2010 12:18 PM

clip_image017

Screen clipping taken: 8/14/2010 12:20 PM

clip_image018

Screen clipping taken: 8/14/2010 12:48 PM

And if all goes well

clip_image019

Screen clipping taken: 8/14/2010 1:22 PM

Let us now verify that Kerberos is what was used to get us to this point

We will use a variety of techniques

FIRST THRU IIS

clip_image020

Screen clipping taken: 8/14/2010 1:27 PM

clip_image021

Screen clipping taken: 8/14/2010 1:31 PM

clip_image022

Screen clipping taken: 8/14/2010 1:32 PM

clip_image023

Screen clipping taken: 8/14/2010 1:39 PM

You can also run Klist on the WFE

clip_image024

Screen clipping taken: 8/14/2010 1:56 PM

This is also what we have as far as Databases created so far based on our configs

clip_image025

Screen clipping taken: 8/14/2010 1:57 PM

clip_image001[4]

Screen clipping taken: 8/14/2010 2:07 PM

clip_image002[4]

Screen clipping taken: 8/14/2010 2:07 PM

clip_image003[4]

Screen clipping taken: 8/14/2010 2:08 PM

clip_image004[4]

Screen clipping taken: 8/14/2010 2:09 PM

DO THE SAME FOR the MySite

Then we should have the following Web Apps Created

clip_image005[4]

Screen clipping taken: 8/14/2010 2:18 PM

clip_image006[4]

Screen clipping taken: 8/14/2010 2:37 PM

clip_image007[4]

Screen clipping taken: 8/14/2010 6:01 PM

On the MySite turn on Self Service Site Creation

clip_image008[4]

Screen clipping taken: 8/14/2010 6:05 PM

Advertisements

August 15, 2010 - Posted by | IIS, Kerberos, SharePoint 2010, SharePoint 2010 RTM, SharePoint How-To

1 Comment »

  1. […] This post was mentioned on Twitter by Fabian Williams and Greg Hurlman, Adotob LLC. Adotob LLC said: @fabianwilliams blogged Part 2 #Kerberos configured #SQL2008R2 & #SharePoint 2010 covers Service Apps & Web Sites http://bit.ly/9NidF6 […]

    Pingback by Tweets that mention How To: Configure and Consume Kerberos for use in SQL Server 2008 R2 and SharePoint 2010 Part 2 « Fabian Williams Blog -- Topsy.com | August 15, 2010 | Reply


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: