Configuring Kerberos authentication

To use Kerberos authentication, you must make sure that there is a PTR entry for each domain controller in the DNS system.

To configure Kerberos authentication:

1. In the application web interface window, select the Settings section, Single Sign-On login subsection.
2. In the Kerberos authentication settings group, set the Use Kerberos toggle switch to Enabled.
3. Click the Upload button to upload a previously created keytab file.

   The keytab file must contain the SPN of the Master server and Secondary master servers.

   The file selection window opens.

4. Select the keytab file and click Open.
5. Click Save.

   If the SPN of the Master server or the SPN of any of the Secondary masters servers is not found in the keytab file, the No SPN for Kerberos Single Sign-On status is displayed for this server in the Servers section. If no SPN for any of the servers is found in the keytab file, the Save button is not available.

Kerberos authentication will be configured. Users that complete authentication in Active Directory will be able to use Single Sign-On to connect to the application web interface. Access to application functionality will be determined by the rights of the application account.

When Kerberos authentication is disabled, the previously uploaded keytab file is deleted.

Page top