I'm trying out sharepoint and I'm installed MOSS2007 trial version. I selected kerberos authentication method during install. It installed everything and when I try to go Central Administration site from IE I get 401.1 error. In the security event log I get Failure audit event. If I try to access the site through Firefox it works fine and it uses NTLM as authetication method. I created SPN for service account and configured the trust for delegation for both the computer and the service account following instructions found here. Any ideas as to what I could be doing wrong?
EDIT: In the security event log The failure aud has the user as NT AUTHORITY\SYSTEM. I expected to see server farm account in there. The OfficeServer app pool and Central Admin app pool are both running under the farm account. Same for Windows SharePoint Services Administration and Windows SharePoint Services Timer service. Am I missing something else?
It is recommended to setup your SharePoint farm to use NTLM in the beginning to confirm everything is working at the basic level. A good overview on the how & why of Kerberos in SharePoint can be found here: http://www.harbar.net/presentations/kerberos.pdf
Previously, there wasn't that much guidance available directly from Microsoft on how to make this work. But this article on TechNet is a step in the good direction!
On the other hand, if you use host headers for your site and are unable to access central administration from the local machine but successful from another, take a look at KB896861