Kerberos SSO with MS Sharepoint

tak10
Contributor II

I'm trying to figure out a way to pass Kerberos ticket via browser trying to login to our company Sharepoint.

For whatever the reason, the developer who came in designed the sharepoint this way.
-The main page is setup under our company domain sharepoint.companydomain.com.
-The apps developed for sharepoint is loaded from sharepoint.companydomainapp.com.

I don't know if this is normal way of doing this but the Kerberos ticket only works within .companydomain.com page. When loading multiple apps from companydomainapp.com domain, the users are prompted with authentication. When multiple apps are loaded it prompts from multiple login and the user thinks the page is broke so they report it to the help desk.

I believe the Kerberos ticket is showing up as username@companydomain.com, this will not work with companydomainapp.com.

I just want to hear from all of the smart Mac people out here how you are integrating Kerberos or NTLM authentication to Microsoft Sharepoint.

Thanks in advance.

3 REPLIES 3

jrserapio
Contributor

What is the behavior you are getting? Having to login to element of the page or just having to login?

Have the Sharepoint team enable Claim Authorization. That seemed to have to work for me.

AVmcclint
Honored Contributor

I think this discussion explains it a little more: https://jamfnation.jamfsoftware.com/discussion.html?id=14055
I, too, am experiencing the same headache you are and I've let our server folks know what they need to adjust but because all the Windows machines don't have a problem with it, that makes it "a Mac problem" and they won't make any changes. I hope your server admins are a little friendlier. Good luck to you!

bentoms
Release Candidate Programs Tester

@tak10 see my reply in the thread that @AVmcclint linked