Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry Enterprise Mobility Server 3.5
  3. Configuring the BlackBerry Docs service
  4. Steps to configure the Docs service
  5. Configure the Docs security settings
  6. Configuring Kerberos constrained delegation for Docs
  7. Configuring Kerberos constrained delegation for the Docs service
  8. Find the SharePoint application pool identity and port

Find the
SharePoint
 application pool identity and port

Make sure that you create a list of web applications that are going to be shared through the
Docs
 service.
  1. Open
    Windows
     Internet Information Services (IIS) Manager.
    Make sure that you record any additional port numbers that are assigned if a web application was extended to create alternate access mappings.
  2. Find the Application Pool identity in the
    Application Pools
     list view or in
    SharePoint Central Administration > Security > Configure service accounts
    .
    In most instances, for Kerberos constrained deleagtion (KCD) to work properly, the application pool identity user must be the same for all application pools whose applications will be accessed by the
    Docs
     service. This means you cannot have different application pools running under different users.
  3. In
    SharePoint Central Administration
    , on the
    Web Applications
     tab, find the port for each of the web applications listed. Look in the
    Alternate Access Mappings
     view as necessary.
  4. In the
    Sharepoint Central Administration
    , open the
    Application Management
    , choose the web application and click
    Authentication Providers
     in the ribbon bar. Make sure that the authentication type for each web application is set to
    Windows
     and that
    Negotiate (Kerberos)
     is enabled under
    IIS Authentication Settings
    .
    In certain scenarios, switching to Negotiate (Kerberos) might require enabling Kernel-mode authentication in IIS for the corresponding IIS site. For more information, visit the MSDN Library to see Service Principal Name (SPN) checklist for Kerberos authentication with IIS 7.0/7.5.