Using Kerberos for Authentication
Kerberos is a network authentication protocol that is designed to provide strong authentication for client/server applications by using strong cryptography. Such authentication enables a client to prove its identity to a server (and vice versa) across an insecure network connection.
The following table briefly outlines the steps to configure BMC Remedy Single Sign-On for Kerberos authentication.
To enable Kerberos authentication, you need to set up a server. This server is called a Key Distribution Center (KDC) which manages the Kerberos protocol.
In this instance, a domain controller is configured as a KDC.
|2.||In the BMC Remedy Single Sign-On Admin console, the process for Kerberos authentication is the same as SAML. But the differentiation in terms of implementing the Kerberos protocol happens at the domain controller (Key Distribution Center) and the ADFS (Identity Provider) ends.|
|3.||Configuring ADFS for Kerberos authentication||After you configure BMC Remedy Single Sign-On as the local service provider and ADFS as the remote identity provider in the BMC Remedy Single Sign-On Admin Console, you must configure ADFS to handle the Kerberos protocol.|
|4.||Reconfiguring your browser||As a final step, you need to reconfigure your browser to handle the Kerberos authentication process.|