Kerberos setup - Browser Configuration
After uploading the keytab file, you will be redirected to the Kerberos Authentication Test page.
If you're lucky, this test will succeed on your first try:
Internet Explorer
In our case, we got a failing test. Internet Explorer has not been configured to send Kerberos tickets to http://issues.example.com. It falls back to sending NTLM tickets instead (which is seen as a username and password popup)
We need to make sure http://issues.example.com is placed in the Local Intranet Security Zone since that is a requirement for Internet Explorer to send Kerberos tickets.
The zone settings are usually set enterprise-wide using Group Policies. Here's the GPO we used to place *.example.com and https://issues.example.com in the Local Intranet Zone (Zone 1):
Other browsers
For more details on configuring Zone settings, and configuring Chrome and Firefox on Windows, Mac, and Linux, see our Browser Configuration Guide.