I have installed a brand new farm, Sharepoint 2010 Standard on Windows 2008 R2. I've configured Kerberos for SQL and SharePoint (verified that Kerberos is working with SQL and SharePoint Central Administration). This is the start of our company's
SharePoint experience (full-blown anyways, I've used WSS 2.0 and played with 3.0 in the past).
The TechNet documentation suggests that if this is a new SharePoint farm, to use Claims-Based Authentication from the start on Web Applications. It's also suggested to use a domain account to run the C2WTS service.
My question is what domain account should be used for the C2WTS service? I've already got many service accounts for different parts of SharePoint, and I wasn't sure if the C2WTS needed a special account as well, since there needs to be SPNs set on
it. Can I just use an existing account, and make sure the delegations are set right, or do I need to create a new account for just the C2WTS service?
View Complete Post