This article explains how to enable cross-network communication with Kerberos on a™ 2003 Server.

The following steps can be taken to enable Kerberos security on a™ Server.

Note: These steps must be performed on the™ Server machine locally – it should not be attempted remotely.
1)  Using™ Service Manager, right-click on the™ Server where Kerberos should be enabled and select “Edit Server Registration Properties...”.
2)  On the “ Server Registration Properties” window, select “Kerberos” as the Security Package and click “OK”.
3)  In™ Service Manager, right-click on the™ Server where you enabled Kerberos and select “Properties”.
4)  On the “ Server Properties” window, click on the “ Service Account” tab and specify the user that your Service should run under (this user should preferably be a member of the “Domain Admins” group in Active Directory. Note that the user account should be entered as <Domain Name>\<User Name>.
5)  Next, click on the “Add” button to add this instance of the Server to Active Directory, and then click “OK”.
6)  If you receive an error stating “Failed to update SPN”, the network administrator should use the “SetSPN.exe” utility as explained in the attached Kerberos Delegation document (provided by Microsoft®) to set a Service Principle Name (SPN) for this account in Active Directory. You should then be able to add this instance of the Server to Active Directory as explained in step 5.
7)  Restart your Service via the Services application.
8)  Reset the Internet Information Services (IIS) Service by opening a command prompt window (Click on Start | Run and type “cmd” in the “Open” textbox).
  On the command prompt, type in “iisreset” followed by Enter – you should see the following result
9)  Kerberos is now enabled on your™ Server.