SharePoint 2010 & TFS 2010 Integration

Be careful when changing web application authentication methods. Upon switching to Kerberos we had several issues crop up on our TFS web app. For example, we had disabled anonymous access in CA, however, this doesn’t alway propogate to IIS. So, it was manually disabled. Upon switching authentication providers, it reset the Anonymous to enabled causing the creation of project portals to fail. In addition, depending on how many AD groups a user is included in, Domains etc, the header for hte kerb ticket can be so large that you get 400 errors. Kerberos, rather than session based, is currently authenticating each object on the page, actually adding more overhead. There’s a fix for the size of the header by adding a reg key, but my advice, switch back to NTLM if you can and lose the headache!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: