Add Kerberos constrained delegation in Microsoft Active Directory for Microsoft SharePoint

There is a limit of 1300 services that can be delegated to one account.
If you want to configure Kerberos constrained delegation (KCD) for File Share repositories only, do not complete this task.
Verify that you have Created Service Principal Names.
  1. Open Microsoft Active Directory Users and Computers.
  2. In your domain, click Users.
  3. Right-click the service account that you want to use to administer Kerberos constrained delegation. Click Properties.
  4. In the Microsoft Active Directory account properties, on the Delegation tab, select the following options:
    • Trust this user for delegation to specified services only
    • Use any authentication protocol
  5. Click Add.
  6. Click Users or Computers.
  7. In the Enter the object names to select field, type one of the following:
    • If the SharePoint web application is running under a domain user account, type the SharePoint Application Pool identity username.
    • If the SharePoint web application is running under the Network Service account, type the Microsoft SharePoint server name.
  8. Click OK.
  9. In the Add Services dialog box, select the HTTP service that corresponds to the SharePoint web applications running under the account specified in step 7.
  10. Click OK.
  11. Repeat Steps 4–9 for each application pool identity user and each Web Application identified.
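
To confirm the result of the procedure, the following added example (not part of the original page or the vendor's tooling) checks a service account's delegation settings against what steps 4 to 11 should produce. The function name `Test-KcdDelegation`, the account name `svc-kcd-example`, and the sample SPNs are assumptions; the properties read are the ones `Get-ADUser` returns.

```powershell
# Added example (not vendor code): audit a KCD service account after the steps above.
# $Account is any object exposing the Get-ADUser properties read below.
function Test-KcdDelegation {
    param(
        [Parameter(Mandatory)] $Account,
        [int] $MaxServices = 1300   # per-account limit stated on this page
    )
    # Drop nulls so an account with no delegated services counts as 0, not 1.
    $spns = @($Account.'msDS-AllowedToDelegateTo' | Where-Object { $_ })
    $findings = @()

    if ($Account.TrustedForDelegation) {
        $findings += 'Unconstrained delegation is on; step 4 selects specified services only.'
    }
    if (-not $Account.TrustedToAuthForDelegation) {
        $findings += '"Use any authentication protocol" is not selected.'
    }
    if ($spns.Count -eq 0) {
        $findings += 'No services are delegated to this account.'
    }
    if ($spns.Count -gt $MaxServices) {
        $findings += "More than $MaxServices services are delegated."
    }
    # This procedure adds only HTTP services; list anything else for review.
    $other = @($spns | Where-Object { $_ -notmatch '^HTTP/' })

    [pscustomobject]@{
        Account           = $Account.SamAccountName
        DelegatedServices = $spns.Count
        NonHttpToReview   = $other
        Findings          = $findings
        Compliant         = ($findings.Count -eq 0)
    }
}

# Constructed sample standing in for Get-ADUser output; runs without a domain.
$sample = [pscustomobject]@{
    SamAccountName             = 'svc-kcd-example'
    TrustedForDelegation       = $false
    TrustedToAuthForDelegation = $true
    'msDS-AllowedToDelegateTo' = @('HTTP/sharepoint.example.com', 'HTTP/sharepoint')
}
Test-KcdDelegation -Account $sample

# Live use (hypothetical account name; needs the ActiveDirectory module):
# Get-ADUser svc-kcd-example -Properties TrustedForDelegation, TrustedToAuthForDelegation,
#     'msDS-AllowedToDelegateTo' | ForEach-Object { Test-KcdDelegation -Account $_ }
```

Because "Use any authentication protocol" lets the account obtain tickets to the listed services on behalf of users who did not authenticate with Kerberos, keep the delegated list limited to the SharePoint HTTP services selected in step 9 and review any entry reported under `NonHttpToReview`.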