This documentation supports the 9.0 version of Remedy Action Request System.

To view the latest version, select the version from the Product version menu.

Using Kerberos for Authentication

Kerberos is a network authentication protocol that is designed to provide strong authentication for client/server applications by using strong cryptography. Such authentication enables a client to prove its identity to a server (and vice versa) across an insecure network connection.

The following table briefly outlines the steps to configure BMC Remedy Single Sign-On for Kerberos authentication.

StepActionAdditional information

Configuring a Domain Controller

To enable Kerberos authentication, you need to set up a server. This server is called a Key Distribution Center (KDC) which manages the Kerberos protocol.

In this instance, a domain controller is configured as a KDC.


Configuring Kerberos for authentication

In the BMC Remedy Single Sign-On Admin console, the process for Kerberos authentication is the same as SAML. But the differentiation in terms of implementing the Kerberos protocol happens at the domain controller (Key Distribution Center) and the ADFS (Identity Provider) ends.
3.Configuring ADFS for Kerberos authenticationAfter you configure BMC Remedy Single Sign-On as the local service provider and ADFS as the remote identity provider in the BMC Remedy Single Sign-On Admin Console, you must configure ADFS to handle the Kerberos protocol.
4.Reconfiguring your browserAs a final step, you need to reconfigure your browser to handle the Kerberos authentication process.

Was this page helpful? Yes No Submitting... Thank you