JSI Tip 5508. You can NOT negotiate Kerberos authentication with Windows 2000 after upgrading to Internet Explorer 6?

Jerold Schulman

July 11, 2002

1 Min Read
ITPro Today logo in a gray background | ITPro Today

After upgrading to Internet Explorer 6, Internet Explorer can NOT negotiate Kerberos authentication with a server that supports Kerberos, like IIS 5.0?

Internet Explorer 6 defaults to NTLM or Windows NT Challenge/Response.

To resolve this issue:

1. Close all but one instance of Internet Explorer.

2. In Internet Explorer 6, use Tools / Internet Options to select the Advanced tab.

3. Under Security, check the Enable Integrated Windows Authentication (requires restart) box and press OK.

4. Restart Internet Explorer.

You can also implement this feature using the registry:

1. Copy / Paste the following to a EnableNegotiate.reg file:

REGEDIT4

[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings]
"EnableNegotiate"=dword:00000001

2. Merge the EnableNegotiate.reg file with the users registry.

NOTE: See Q215383 How to Ensure Windows Integrated Logons in Internet Information Services 5.0?

NOTE: Older operating systems do NOT support the Enable Integrated Windows Authentication (requires restart) feature.



Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like