A project to use, considering a lot of projects will be used, convenient for colleagues and themselves can also facilitate the participation of others. So write detailed technical details all capture images are from the server, due to this project in English, all I write is also English admin guideline
Ok let ' s begin.
All Programs > Microsoft SharePoint Products > SharePoint Administration Enter Farm Administrator credentials when requested. Click on "Security"
And then click on "
configureservice Accounts”
Select from the list of services, Windows Service–claims to Windows Token Service, select from the list of Services the service "Windows Service–claims to Windows Token Service"
Here I'm simply stating that this is your claims to Windows Token Service Management login in Windows services
Add the WSS_WPG Windows Group to the C2wtshost.exe.config file
Start > All Programs > Accessories > Windows Explorer
Navigate to the following path: "C: \ Program Files\Windows Identity foundation\v3.5\ "
Open the file "C2wtshost.exe.config" in Notepad Locate section "<allowedCallers>"
Insert following section "<add value-" WSS_WPG ">"
Must to
Reset IIS you know?
next step. Start the service on the application servers
All Programs > Microsoft SharePoint Products > SharePoint Administration Enter Farm Adminis Trator credentials when requested. Click on "Application Management"
Click on "manageservices in Server" and then look for the "Claims to Windows Token Service" and check if it's S tarted If It is stopped, click on "Start" next to its title
Set The local permissions for the claims to Windows token Service
Start > Administrative Tools > Computer Management Select Node "Local Users and Groups" Select Node "Groups" Selec t the "Administrators" group. Right click and select ' Add to Group ... '
Click on "Add". Enter the Claims to Windows token Service Name%kerberos_c2wtsaccount%. Click on "Check Names". Click on "OK"
and then
Start > All Programs > Administrative Tools > Local Security Policy.
Select the node "Local policies". Select the node "User rights Assignment". In the ' Local Security Policy ', on the ' right side ', double click on ' Act as part of the operating system '
click on "Add User or Group" Enter the Claims-to-Windows token Service Name%kerberos_c2wtsaccount% click on "Check Na Mes "click on" OK "
Click on "Add User or Group" Enter the Claims-to-Windows token Service Name%kerberos_c2wtsaccount% click on "Check Names" Click on "OK"
In the ' Local Security Policy ', on the right side, double click on ' Impersonate a client after authentication
Click on "Add User or Group"
Enter the Claims to Windows token Service Name%kerberos_c2wtsaccount%
Click on "Check Names"
Click on "OK"
In the ' Local Security Policy ', on the right side, double click on ' Log on as a service '
Click on "Add User or Group"
Enter the Claims to Windows token Service Name%kerberos_c2wtsaccount%
Click on "Check Names"
Click on "OK"
And then Set a service dependency
Please note the This steps should is proceeded on each server that would be a hosting BI services in SharePoint Farm.
Start > Administrative Tools > Services
Look for the ' Claims to Windows Token Service ' and double click on the title
In the "Dependencies" tab Check if it is the service depends on other system components
If This is the case, and there is no dependency, you can continue with this section. Otherwise can jump to the following section
Start > All Programs > Accessories
Launch a Command Prompt as an administrator
To add the dependency, type the following command: "SC config c2wts depend= cryptsvc"
Note that a space was required between the equal sign and the value
You can then go back to the Services list and check for the ' Claims to Windows Token ' service that the dependency have been Added
SharePoint 2013 Platform Kerberos configuration detailed description (Configure Kerberos guideline)