I already checked on all tomcat logs, and cannot find anyting useful, you mention a "negoserver", but what I have is simply a library used by the Tomcat hosted webapps.
In the application's log I have lines like the following:
05.09.2016 14:05:06.425 FINE net.sourceforge.spnego.SpnegoProvider.getUsernamePasswordHandler username=XXXXXX; password=123456789
While on catalina.out I have:
Aug 29, 2016 8:29:05 AM net.sourceforge.spnego.SpnegoAuthenticator <init> FINE: config=allowBasic=true; allowUnsecure=true; canUseKeyTab=false; clientLoginModule=spnego-client; serverLoginModule=spnego-server
Aug 29, 2016 8:29:05 AM net.sourceforge.spnego.SpnegoProvider getUsernamePasswordHandler FINE: username=serviceUser; password=987654321
On the Domain Controllers I can see that the serviceUser is authorized for all the application servers involved, and the password is correct
To complete my description, the Tomcat servers are hosted on SuSE Linux servers, and these are very similar (should be identical, but I am starting to doubt it :/ ) between the working one and the not working one.
Thank you for your suggestions