You must configure your browser before
you attempt to record Kerberos applications.
Before you begin
The client computer must be a member of the domain for which single
sign-on (SSO) has been defined.
About this task
To configure Internet Explorer to use Simple and Protected GSS-API
Negotiation Mechanism (SPNEGO):
Procedure
- Log on to Windows with a user ID for the domain for which SSO has
been defined.
- Start Internet Explorer.
- Click .
- Click the Security tab.
- Define the site to authenticate to using Integrated Windows Authentication.
Depending on your enterprise policy, you define the site in either the Local
intranet zone or the Trusted sites zone.
- To define the site in the Local intranet zone,
select Local intranet. The instructions that follow
assume that you are defining the site in the Local intranet zone.
- To define the site in the Trusted sites zone,
select Trusted sites. In the Security Settings for
the Trusted sites, click Automatic logon
with current username and password, not Automatic logon
only in Intranet zone.
- Click Sites.
- Click Advanced.
- Type the URL for the hostname for which you want to enable SSO.
For example, type http://abc.ibm.com.
- Click Add.
- Click OK.
- Click OK again.
- Click the Advanced tab.
- Scroll down to Security, and select Enable Integrated
Windows Authentication (requires restart). This option
is not available on Internet Explorer 5.5. Integrated Windows Authentication
is always enabled on Internet Explorer 5.5.
- Click OK.
- Restart Internet Explorer.