You can configure the following properties of your system:
Use Kerberos
Specifies whether a Kerberos-based login is allowed. This corresponds to the following property: com.aris.umc.kerberos.active
KDC
Specifies the fully qualified name of the central Key Distribution Center (KDC). This is usually the fully qualified host name of the LDAP server. This corresponds to the following property: com.aris.umc.kerberos.kdc
Realm
Specifies the realm of Kerberos tickets. Fully qualified domain name in uppercase letters. This corresponds to the following property: com.aris.umc.kerberos.realm
Principal
Specifies the name of the technical user used for verifying Kerberos tickets.
If Kerberos is used, each user, computer or service provided by a server must be defined as a principal. This corresponds to the following property: com.aris.umc.kerberos.servicePrincipalName
Key table
Specifies the location of the keytab file that is used for Kerberos tickets. This corresponds to the following property: com.aris.umc.kerberos.keyTab
Upload
To upload the key table file, click
Upload under the Key table field.
Configuration file
Storage location of the configuration file for Kerberos. The file can be uploaded directly.
This corresponds to the following property: com.aris.umc.kerberos.config
Upload
To upload the configuration file, click
Upload under the Configuration file field. You find this file on you installation medium under Add-ons\Kerberos.
You can configure the following properties of your system:
Debug output
Specifies whether debug output is allowed for Kerberos operations. This corresponds to the following property: com.aris.umc.kerberos.debug
Allow local users
Specifies whether the LDAP connection is mandatory for Kerberos-based login. If this option is enabled, Kerberos is used for the login of local users also. This corresponds to the following property: com.aris.umc.kerberos.allowLocalUsers
Validate user name
Specifies whether or not the realm defined for the user principal name provided in the Kerberos ticket is to be ignored. The default value is false. This corresponds to the following property: com.aris.umc.kerberos.validateuser
Default tenant
Specifies the default tenant for a Kerberos-based login. This corresponds to the following property: com.aris.umc.kerberos.tenant
Cross-tenant property that can only be changed using ARIS Cloud Controller. For more information, refer to ARIS Cloud Controller (ACC) Command-line Tool manual.