I recently worked with Dave DuVarney while he was configuring one of our Reporting Services instances for Kerberos authentication. While working through it, he suggested we take a look at network traffic to see what's actually happening. Turns out, that DuVarney fellow has some clever ideas now and then 😉
We used Network Monitor 3.4 for our tests and really weren't 100% on what we were looking for. Examining traffic over the KerberosV5 protocol, you'll always seem some chatter from the krbtgt as it does whatever it does, but other than that, we just kind of captured and sifted. Here are a few examples of what we saw:
Next, add the text "KerberosV5" to the Display Filter and click Apply. Then Start the capture and make sure you click on "All Traffic" in the Network Conversation pane (the Frame Summary only displays traffic for the conversation(s) you have selected in that pane):
Finally, attempt to connect to Report Manger on the SSRS instance you're configuring (you must have the RSWindowsNegotiate authentication type at the top of the authentication list in the RS config).