Hi Community.
I have a problem that I just can seem to figure out.
I have ARS 6 Administration Service
I have two web servers
I have configured a host header for a unique website. - arsadmin.mydomain.com on each node.
I have a DNS A record for arsadmin.mydomain.com point directly to the cluster IP Address (No Alias!)
I have the ARS admin site installed as a Virtual Dir. within the unique website on each node.
At the moment I have Basic authentication (default) enabled and when a user uses:
- http://ars.mydomain.com/ARSAdmin
It will authenticate the user and grant the user access (Using the virtual hostname)
When I change the authentication mechanism to Integrated Security (Kerberos) I get errors on the Administration service server (Security EventID540) and I can see it reverting to Basic Authentication (NTLM).
The user in the event is: NT Authority\Anonymous Logon
I read a bunch of information on setting up an SPN to allow kerberos authentication from the virtual hostname but I can not get this to work.
My question is.
Has anybody tried this? Does anybody know the correct procedure for setting up Quest Admin Website to work with a Network Load Balance Cluster using Integrated Authentication?
Thank you so much.
I have a problem that I just can seem to figure out.
I have ARS 6 Administration Service
I have two web servers
I have configured a host header for a unique website. - arsadmin.mydomain.com on each node.
I have a DNS A record for arsadmin.mydomain.com point directly to the cluster IP Address (No Alias!)
I have the ARS admin site installed as a Virtual Dir. within the unique website on each node.
At the moment I have Basic authentication (default) enabled and when a user uses:
- http://ars.mydomain.com/ARSAdmin
It will authenticate the user and grant the user access (Using the virtual hostname)
When I change the authentication mechanism to Integrated Security (Kerberos) I get errors on the Administration service server (Security EventID540) and I can see it reverting to Basic Authentication (NTLM).
The user in the event is: NT Authority\Anonymous Logon
I read a bunch of information on setting up an SPN to allow kerberos authentication from the virtual hostname but I can not get this to work.
My question is.
Has anybody tried this? Does anybody know the correct procedure for setting up Quest Admin Website to work with a Network Load Balance Cluster using Integrated Authentication?
Thank you so much.