Mindbreeze Web Client not working on Windows 10 with Kerberos

Last update: 14 December 2017


With Kerberos Single-Signon activated, Windows 10 clients cannot connect to a Mindbreeze Client Webservices. Authentication is denied.

This behaviour is caused by the new Windows 10 functionality "Credential Guard" that restricts delegation of Kerberos tickets, that is neccessary to authenticate and communicate between services.


The issue can be solved in two different ways:

Configure Trusted peer certificate in the Mindbreeze Client Webservice

Using Trusted peer certificates, the Mindbreeze Client Webservice authenticates to the Mindbreeze Index services using the certificate.

If you need support activating trusted peer certificates, please contact Fabasoft Support.

Disable "Credential Guard"

Please follow the explanation from this Microsoft article: https://docs.microsoft.com/en-us/windows/access-protection/credential-gu...


Read more information about Credential Guard in the Microsoft TechNet: https://technet.microsoft.com/en-us/itpro/windows/keep-secure/credential...