I am working on MOSS 2007. I need to access a webservice which resides in a DEV Domain. I am running VPC in windows server 2003 with local user's account as well DEV account (added VPC in DEV domain). I recently changed my app pool account from VPC's local user to DEV Account (to access network's web service in my custom workflow). My workflows are giving error "Failed on Start" and then I realized that I should change Service Accounts in Central Admin. Here am wondering whether I can change this account by selecting a web application pool and configured account or not. It is showing me a dailogbox.... "The web application is being updated is using Kerberos authentication. A domain administrator must update the service principle name for the web application to use the new account. Do you want to continue?" What if i say yes ...will my site affects with this change. What is the principle name in webpaplication to change?? Can anyone suggest me how it works. currently I am using the local user's app pool account to get work my workflows with out touching web service. Because if I need to get access to the web service I definitely have to change the app pool to my dev account. Thanks.

The kerberos protocol relies on a set of SPNs that must be configured in order for authentication to work. This is because (in contrast to Integrated Windows authentication) the KDC needs a method to determine whether or not to grant a ticket. So in your scenario, you must set an SPN against the domain user (DEV) account in order for anyone to access the Web application associtaed with the application pool in question. Once the SPN is configured, you will then be able to configure the account via central administration. There is a good series of articles on configuring kerberos authentication available at http://blogs.msdn.com/b/martinkearn/archive/2007/04/23/configuring-kerberos-for-sharepoint-2007-part-1-base-configuration-for-sharepoint.aspx and http://technet.microsoft.com/en-us/library/cc263449(office.12).aspxBenjamin Athawes Twitter SharePoint Blog