Microsoft Knowledge Base Article 235529 contains the following summary:
This article describes the Kerberos authentication support for Windows 2000-based server clusters that has been added in Windows 2000 Service Pack 3 (SP3).
With versions of Windows 2000 earlier than SP3, the Cluster service does not publish Computer objects for virtual servers in Active Directory.
This means that virtual servers authenticate only by using NTLM or NTLM version 2. With Windows 2000 SP3, you can configure virtual servers to permit
clients to authenticate by using the Kerberos authentication protocol. If this is enabled, a Computer object is created for each corresponding Network
Name resource.
Kerberos authentication for the Network Name
resource on which Microsoft Exchange 2000 depends is not
supported on a
server cluster.
Exchange 2000 was not tested with the expectation that a cluster virtual
server would
support Kerberos authentication; this configuration may not function properly.
Future versions of Exchange Server may take advantage of Kerberos authentication for
server clusters.
Important: Note that Kerberos is supported on a SQL Server cluster.
For additional information about Kerberos authentication for Windows 2000 SP3, click the following article number to view the article
in the Microsoft Knowledge Base:
302389 Description of the properties of the cluster Network Name resource in Windows Server 2003
For additional information about Kerberos support for SQL Server 2000 on server clusters, click the following article number to view the article in the Microsoft Knowledge Base:
319723 SQL Server 2000 Kerberos support including SQL Server virtual servers on server clusters
