[modauthkerb] Mod_auth_kerb: Warning: received token seems to be NTLM, possible issues?

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

I'm trying to set up mod_auth_kerb with `Debian/Apache` and a `Windows2008`
Active Directory.
This works:

    kinit -k -t /etc/krb5.keytab HTTP/myhost.domain.local
    I see a valid ticket in klist, with Service Principal
krbtgt/MYH...@MY...

This is in my Apache error log:

    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1628): [client
10.50.109.64] kerb_authenticate_user entered with user (NULL) and auth_type
Kerberos
    [Sun Mar 24 16:41:11 2013] [debug] mod_deflate.c(615): [client
10.50.109.64] Zlib: Compressed 528 to 355 : URL /private/auth.php
    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1628): [client
10.50.109.64] kerb_authenticate_user entered with user (NULL) and auth_type
Kerberos
    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1240): [client
10.50.109.64] Acquiring creds for HTTP@myhost
    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1385): [client
10.50.109.64] Verifying client data using KRB5 GSS-API
    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1401): [client
10.50.109.64] Client didn't delegate us their credential
    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1429): [client
10.50.109.64] Warning: received token seems to be NTLM, which isn't
supported by the Kerberos module. Check your IE configuration.
    [Sun Mar 24 16:41:11 2013] [debug] src/mod_auth_kerb.c(1101): [client
10.50.109.64] GSS-API major_status:00090000, minor_status:00000000
    [Sun Mar 24 16:41:11 2013] [error] [client 10.50.109.64]
gss_accept_sec_context() failed: Invalid token was supplied (, No error)

If I activate fallback to Basic Auth and enter credentials, it works fine.
I checked IE settings, registry settings, tried with Firefox or Safari, but
they all keep giving the same issue. I feel like I've been over and over
dozens of tutorials and configuration changes, but I can't seem to find the
needle.

Is this error message just misleading or what am I missing? Any help is
strongly appreciated, I just can't seem to find anyone who's able to do
this in my environment.

Sincerely

Kurt