When setting up FIM 2010 R2 in a test lab, I did not go through the motions to set up SPNs to enable Kerberos AuthN. Now, while looking at BHOLD pre-reqs, it also mentions to configure SPNs. However, is this only in the case that you care Kerberos
is being used. Security issues aside, will not configuring SPNs and therefore not using Kerberos cause functional issues for FIM/BHOLD down the road. I presume the AuthN protocol is downgraded to NTLM if Kerb is not enabled.