Wednesday, May 20, 2009

Kerberos - Pros & Cons

Pros:

  1. Faster performance is experienced when using Kerberos as it caches information about the client after authentication. This means that it can perform better than NTLM particularly in large farm environments
  2. Delegation - Kerberos can delegate the client credentials from the SharePoint front-end web server to other back-end servers like Oracle. So you are eliminating double hops. (Login Challenges)
  3. You can also with MOSS 2007 utilize RSS feeds "Within your SharePoint Environment" 
  4. Microsoft recommends to "Use Kerberos authentication for sites with a high security service level agreement."
  5. Federated Search between Farms (e.g., will work based as the user credentials are passed automatically.)
  6. Planning on utilizing BDC some LOB Applications will require Kerberos authentication.
  7. SQL Serer Reporting Services integration works well with Kerberos.
  8. Switch back to NTLM is possible.

 

Cons:

  1. In Active Directory, SPN should be configured carefully .If not troubleshooting is difficult

 

Related Links:

http://technet.microsoft.com/en-us/library/cc288475.aspx

http://ablog.apress.com/?p=1127

http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/de88fb8c-0101-4413-9855-34501569e077

http://blogs.msdn.com/martinkearn/archive/2007/04/23/configuring-kerberos-for-sharepoint-2007-part-1-base-configuration-for-sharepoint.aspx

 

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)