Windows Server 2022 Kerberos on AD DS w/ IIS DHCP DNS

[JMC31337]

Kerberos on AD DS w/ IIS DHCP DNS Installed

There were so many tutorials on how to properly get Kerberos configured on an AD DS setup,  mostly utilizing kerber with a 3 party cloud system, I wanted to establish Windows Authentication using only 1 provider "Negotitiate:Kerberos"
You can try to simply enable only this provider but it still wont work. Ive seen videos/tutorials explaining you need another account added into the AD or you need to setup a "service" account and yes technically this could be done, but here's step by step kerber provider only without any added accounts or services - you will however need to properly set your SPNs, and that was where I went wrong - so here's a quick step by step to have kerberos on your DC (there was a C# program released out of MCSFT called KerberosConfigMgrIIS which provided helpful info on exactly which settings should be put into place for Kerberos to work instead of the fall back to NTLM)

1) This assumes youve installed AD DS, IIS, DHCP, DNS server roles n' features and have promted your DS into a DC
2) You want to make sure you Windows Authentication installed (this can be added under web services in roles and features)
3) Enter into IIS Manager
4) select the IIS server and click authentication
5) disable everything but Windows Authentication
6) Click WinAuth -> adv settings & disable kernel mode auth
7) Afterwards click providers and remove all and add ONLY Negotiate:Kerberos
😎 Do the same thing ya just did with eh IIS server for the particular web site (mine was Default Web Site)

9) Lastly we need a Service Principle Name (SPN) so from powershell DO NOT blindly copy paste n run this (ehh ehh ehhhhh) but it shows ya how it would look like:

setspn -S HTTP/xabihsot.com abihsot

 

Note: My machine name was abihsot and the host name xabihsot.com

(screenshot below showing kerber ticket after winauth login prompt credentials supplied)

Edited August 27, 2021 by JMC31337
lets get serious

[nickfury1]

The comprehensive guide on developing a health insurance app provided by Attract Group is a valuable resource for anyone looking to embark on such a project. The detailed insights into the features, design principles, and technical considerations necessary for creating a successful health insurance app are extremely useful. The step-by-step approach and practical tips make it a must-read for developers and entrepreneurs in the healthcare industry. With expert advice and real-world examples, this guide is an invaluable tool for ensuring the successful development of a health insurance app.

Edited July 15 by nickfury1