I have Zabbix 2.0.6 (server/WebUI) installed on a RHEL6.4 VMware guest.

Kerberos is configured and working, and I can log into the Zabbix WebUI using AD credentials (no separate kerberos server).

However, I must continue to log in multiple times per page, and again every time the page or any of its widgets refreshes.

===logs===
#/var/log/httpd/access_log
X.X.X.X - - [04/Jun/2013:22:51:01 -0400] "GET /jsLoader.php?ver=2.0.6&lang=en_GB&showGuiMessaging =1&files[]=servercheck.js HTTP/1.1" 401 491
X.X.X.X - - [04/Jun/2013:22:51:02 -0400] "GET /jsLoader.php?ver=2.0.6&lang=en_GB&showGuiMessaging =1&files[]=servercheck.js HTTP/1.1" 401 491
X.X.X.X - username [04/Jun/2013:22:51:04 -0400] "GET /jsLoader.php?ver=2.0.6&lang=en_GB&showGuiMessaging =1&files[]=servercheck.js HTTP/1.1" 304 -
X.X.X.X - username<AT>DOMAIN.TLD [04/Jun/2013:22:51:04 -0400] "GET /images/general/sort_up_od.png HTTP/1.1" 200 235
X.X.X.X - - [04/Jun/2013:22:51:04 -0400] "POST /jsrpc.php?output=json-rpc HTTP/1.1" 401 491
X.X.X.X - username [04/Jun/2013:22:51:05 -0400] "POST /jsrpc.php?output=json-rpc HTTP/1.1" 200 383
X.X.X.X - username [04/Jun/2013:22:51:09 -0400] "POST /jsrpc.php?output=json-rpc HTTP/1.1" 200 62
X.X.X.X - - [04/Jun/2013:22:51:19 -0400] "POST /jsrpc.php?output=json-rpc HTTP/1.1" 401 491
#/var/log/httpd/error_log
[Tue Jun 04 22:51:01 2013] [error] [client X.X.X.X] krb5_get_init_creds_password() failed: KDC has no support for encryption type, referer: hxxps://FQDN/hostinventories.php?ddreset=1&sid=82c8f4fefcae1330
[Tue Jun 04 22:51:02 2013] [error] [client X.X.X.X] krb5_get_init_creds_password() failed: KDC has no support for encryption type, referer: hxxps://FQDN/hostinventories.php?ddreset=1&sid=82c8f4fefcae1330
[Tue Jun 04 22:51:04 2013] [error] [client X.X.X.X] krb5_get_init_creds_password() failed: KDC has no support for encryption type, referer: hxxps://FQDN/hostinventories.php?ddreset=1&sid=82c8f4fefcae1330
[Tue Jun 04 22:51:19 2013] [error] [client X.X.X.X] krb5_get_init_creds_password() failed: KDC has no support for encryption type, referer: hxxps://FQDN/hostinventories.php?ddreset=1&sid=82c8f4fefcae1330
===conf===
#/etc/httpd/conf.d/zabbix.conf
...
<Directory "/var/www/zabbix">
Options FollowSymLinks
SSLRequireSSL
AllowOverride All
Order allow,deny
Allow from all
AuthType Kerberos
AuthName "Kerberos Login"
require valid-user
KrbVerifyKDC off
KrbMethodNegotiate on

php_value max_execution_time 300
php_value memory_limit 128M
php_value post_max_size 16M
php_value upload_max_filesize 2M
php_value max_input_time 300
php_value date.timezone America/New_York
</Directory>
...
#/etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = DOMAIN.TLD
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes

[realms]
DOMAIN.TLD = {
}

[domain_realm]
domain.tld = DOMAIN.TLD
.domain.tld = DOMAIN.TLD

[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}


Help is greatly appreciated.

--TomaCzar