Is it possible to split authenication to have some devices use NTLM and others to bind to Kereberos. We are having issues with Ipads\ Iphones\ Smart devices basically when using NTLM Authenication. Has this ever been attempted? Or how do most customers deal with smart devices on their network??
I think this could be done through client.IP criteria.
Set the subnet used by mobile users to use kerberos auth and the rest to NTLM.