Configuring Kerberos
You can configure the Kerberos® settings any time after the initial library configuration. Before you can configure Kerberos, you need to generate the Service Keytab file on your Kerberos (AD) server. For instructions, see Generating the Kerberos Service Keytab File.
 |
NOTE: This operation should not be performed concurrently by multiple administrative users logged in from different locations. You can access the appropriate screens, but you cannot apply changes while another administrative user is performing the same operation.
|
Users with administrative privileges can configure Kerberos, but users with user privileges cannot.
- From the Setup menu, select User Management > Remote Authentication.
The Setup - Remote Authentication screen appears.
- Under Authentication Type, do one of the following:
- To enable Kerberos, select Kerberos (Active Directory®): and continue with step 3.
- To disable Kerberos, select LDAP or Local Only and continue with step 6.
- To modify Kerberos configuration settings, continue with step 3.
- Type the Kerberos settings into the following Kerberos fields:
- Realm — The Kerberos realm name, typed in all uppercase letters. Usually the realm name is the DNS domain name.
- KDC (AD Server) — The server on which Kerberos is installed.
- Domain Mapping — The domain portion of the library’s fully qualified domain name.
- Upload the service keytab file. This is a file you generate on your Kerberos (AD) server. If you have not already generated this file, do so now. For instructions, see Generating the Kerberos Service Keytab File. Then click the Browse button to upload the file.
- Configure the LDAP settings as described in Configuring LDAP.
- Click Apply to apply any changes.
The Progress Window appears. The Progress Window contains information on the action, elapsed time, and status of the requested operation. Do one of the following:
- If Success appears in the Progress Window, the LDAP anad Kerberos settings were successfully applied. Click Close to close the Progress Window. Do one of the following:
- If you enabled LDAP or Kerberos, or modified LDAP or Kerberos settings, continue with step 5.
- If you disabled LDAP or Kerberos, continue with step 6.
- If Failure appears in the Progress Window, the LDAP settings were not successfully applied. Follow the instructions listed in the Progress Window to resolve any issues that occurred during the operation.
- Select Test to test all the new or changed LDAP settings.
The Progress Window appears. The Progress Window contains information on the action, elapsed time, and status of the requested operation. Do one of the following:
- If Success appears in the Progress Window, the LDAP Test was successful. Click Close to close the Progress Window. Continue with step 6.
- If Failure appears in the Progress Window, the LDAP Test failed. Follow the instructions listed in the Progress Window to resolve any issues that occurred during the operation.
- Save the library configuration.
For instructions on how to save the library configuration, see Saving the Configuration.
See also: