AnsweredAssumed Answered

Kerberos setup Questions

Question asked by Srinivas.X.Meganath on Aug 27, 2014
Latest reply on Jun 26, 2015 by Patrick-Dussault

I had few questions on Kerberos setup.
I tested IWA NTLM successfully. But we wanted to configure Kerberos also.
Environment details:
AD DC: Windows 2008 R2
Policy server: R12.5 on Linux 6.3
IIS web server: windows 2008 R2, IIS7.5 with r12.5 agent.
Question is:
1. Windows web server service account creation is fine. And also we are able to login with this account into DC and also into windows server which is hosting IIS.
2. Policy server service account. We can login to DC with this account. But not to policy server host.
I assume this is fine. In one of the CA document, it was mentioned that synch the password of this account with linux account used to login to PS host for install etc.
Is this required?
CA document snippet:
A. Create a user, for example, sol8psuser, with the same password used for creating a service account for the Policy Server host (sol8ps) in Active Directory.
B. Add the host to the domain and login to host with user sol8psuser.


3. Also merging keytab files containing the host principal and service principal names for the Policy Server host is required if PS is in Lnux?
4. Any difference in generating keytab if policy server in windows or unix?



Thanks and Regards,

Srinivas Meganath.