How can I connect to SharePoint site protected by Kerberos authentication?

To connect to SharePoint site with Kerberos authentication you need to know two parameters of your network:

1. Kerberos Key Distribution Center (KDC) which in the case of Windows domains is the Windows domain controller
2. Kerberos Realm

KDC server in case of Windows netowrk could be detected by running command promd (Start / Run / cmd) and executing the following command:

echo %logonserver%

Kerberos Realm should be learned from network administrator.

Download ZIP file with MetaVis Kerberos configuration files using this link: http://www.metavistech.com/~metavis/KerberosConfiguration.zip . Copy two files:  krb5.conf and login.conf in the root of drive c:. Edit krb5.conf to replace REALM with your Kerberos Realm and DOMAINCONTROLLER with your domain controller. Replace MetaVis.ini file located in MetaVis installation folder on your hard drive (defaul location is c:\Program Files\MetaVis Technologies\metavis) with the one from archive. In case you copied krb5.conf and login.conf to different locations edit MetaVis.ini file to reflect the new location of these files. In all cases use Wordpad for editing since Notepad would not display new line characters correctly.

After this start MetaVis and try to connect. If connection does not work then add the following registry settings:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\
Value Name: AllowTGTSessionKey
Value Type: REG_DWORD
Value: 0x01

To do this open registry editor (Start / Run / then type regedit ). In the registry editor expand HKEY_LOCAL_MACHINE node, then SYSTEM, then CurrentControlSet / Control / Lsa / Kerberos. Right click on the right side, select New  / DWORD (32 bit) Value, enter name AllowTGTSessionKey, click Ok, double click on new record and enter 1 as a value. It should finally look like this:

For server computers make the same registry entry but in the following registry section:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters

After registry setting is modified try to connect to the site again. In case it still does not connect check the realm and domain controller information in krb5.conf file and run MetaVis in debug mode to diagnose Kerberos negotiation. To do this right click on MetaVis icon on the desktop and add parameter -consolelog after the double quote character of the Target field of the shortcut properties. After this save the properties and run MetaVis from this shortcut. MetaVis will startup together with black windows that will display the log. Connect to the SharePoint site and send us the content of the black window. To do this, right click on the black window title bar, select Edit / Select All. It will select all text inside this window. Then press <Enter> to copy this text into clipboard. Paste it into the email message ans send it to support@metavistech.com