I am wondering if anyone has successfully implemented QSJ such that SPNEGO will never fail over using only a one way trust. Microsoft says a 2 way is required to assure always Kerberos and in our pseudo-scientific laboratory environment (created and managed by semi-technicians like myself) that proved to be the case. One way trust resulted in NTLM failover, always. We find a bit of documentation stating this can be done with a one way trust, i'm curious if anyone is doing this with QSJ. thanks in advance.
↧