I have configured Kerberos authentication in my SharePoint 2013 environment.
on a client machine I purge the kerberos tokens by using (klist purge) and then I browse SharePoint.
I also keep fiddler, kerbray and klist running.
In fiddler trace .... I see that for authorization Cookie it is using YII
And as per this blog article I must be using kerberos because I see YII in the authorization
alright Great!!!
But when I run klist on my machine. it comes empty. I am also runnign kerbtray and that also shows me no new tokens.
Now whom should I believe? is my authentication REALLY happening on kerberos or not?
In my IIS I have removed NTLM and have only negotiate as my authentication provider. And since the site loads just fine... it would strongly suggest that kerberos is being used along with the evidence from fiddler.
Then why don't klist or kerbtray show me the token for HTTP which they got from IIS/SharePoint
val it: unit=()