JSI Tip 5508. You can <b>NOT</b> negotiate Kerberos authentication with Windows 2000 after upgrading to Internet Explorer 6?

After upgrading to Internet Explorer 6, Internet Explorer can NOT negotiate Kerberos authentication with a server that supports Kerberos, like IIS 5.0?

Internet Explorer 6 defaults to NTLM or Windows NT Challenge/Response.

To resolve this issue:

1. Close all but one instance of Internet Explorer.

2. In Internet Explorer 6, use Tools / Internet Options to select the Advanced tab.

3. Under Security, check the Enable Integrated Windows Authentication (requires restart) box and press OK.

4. Restart Internet Explorer.

You can also implement this feature using the registry:

1. Copy / Paste the following to a EnableNegotiate.reg file:


\[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\]

2. Merge the EnableNegotiate.reg file with the users registry.

NOTE: See Q215383 How to Ensure Windows Integrated Logons in Internet Information Services 5.0?

NOTE: Older operating systems do NOT support the Enable Integrated Windows Authentication (requires restart) feature.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.