From my understanding, Kerberos is tried first, then if it fails, fallback is to NTLM.
You need to set up SPN's to register the services, which are slightly different on SQL 2005. And to do this you need to be a Domain Administrator. SETSPN.exe is the tool, or ADSI Edit.msc can be used.
MSOLAPSvc.3/Machine Fully Qualified Name
MSSQLSvc/Machine Fully Qualified Name:port
These would be registered under the account the service is running under. We use a domain account to run these services.
Make sure the Machine is set up for delegation in Active Directory. Both the Machine and the User ID you use must be trusted to delegate.
run setspn -l Machine Name
expect to see HOST/Machine Name and HOST/Machine Fully Qualified Name
Hope this helps. IIS is similar. HTTP/Machine Name and HTTP/Mahcine Fully Qualified Name.
I run my Application pool under a domain account vs. Network Service. So there are a few local policies to tweak, and User needs to be in the local IIS_WPG.
My test environment is a mix of 32 bit and x64 bit machines - setup was the same. Documentation is not the best - most you will find refers to W2000 and SQL 2000. Slight changes in names of services and maybe whether a port is needed or not.