It appears as though you need to create a proper SPN/keytab from the AD server: http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/tsec_SPNEGO_config_dc.html -----Original Message----- From: centos-bounces@xxxxxxxxxx [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of David Brian Chait Sent: Friday, March 11, 2011 1:15 PM To: CentOS mailing list Subject: Re: Apache/Active Directory authentication > I looked in AD configuration and see that my server does not have appropriate ServicePrincipalName for HTTP (only host). Of course it doesn't, you gathered that ticket by joining the domain with Samba, but are not using samba auth with apache... _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos