Thanks for finding this Karl. Adding this line to logging.ini indeed fixed it:

log4j.logger.org.apache.http.client.protocol.RequestTargetAuthentication=ERROR, MAIN

Mark


On Mon, Nov 4, 2013 at 5:43 PM, Karl Wright <daddywri@gmail.com> wrote:
You'd want to set the logger change in the ManifoldCF logging.ini file.

Karl



On Mon, Nov 4, 2013 at 8:41 PM, Karl Wright <daddywri@gmail.com> wrote:
Hi Mark,

This warning comes from HttpComponents HttpClient.  It occurs because the system you are communicating with has "negotiate" set.  It's therefore trying first to find a Kerberos ticket, and failing that, falling back to NTLM.

There are two ways to fix this.  First is to find out how to disable the warning in HttpClient.  Second is to change the configuration of the target system's IIS from "Negotiate" to just plain "NTLM".  I wish I knew how to do the former; I suspect there's a way to do if you just google the message.

Karl



On Mon, Nov 4, 2013 at 8:29 PM, Mark Libucha <mlibucha@gmail.com> wrote:
Hi,

Anyway to eliminate this from my logs?

NEGOTIATE authentication error: No valid credentials provided (Mechanism level: No valid credentials provided (Mechanism level: Failed to find any Kerberos tgt))

I'm using an Active Directory authority with NTLM, which succeeds.

Not a big deal, but it would cut down on the size of the logs if there was a way to specify not to try Kerberos? Is there?

Thanks,

Mark