Out of support


This documentation supports the 8.1 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.

Click here to view the documentation for a supported version of Remedy Single Sign-On.

Using Kerberos for authentication

Kerberos is a network authentication protocol that is designed to provide strong authentication for client/server applications by using strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. This topic contains the following information:

Configuring Kerberos video

Click the following BMC Atrium Single Sign-On 8.1 Kerberos configuration video for more information:

Embedded player can toggle to full screen | YouTube: https://www.youtube.com/watch?v=Deo2od9ePRg

Before you begin

Before using Kerberos for authentication, a service principal for the BMC Atrium Single Sign-On server must be added to the realm. This service principal is used by clients to request a service ticket when authenticating. The service principal name is based on the host name of the server running BMC Atrium Single Sign-On.

To use Kerberos authentication with Active Directory (AD) installed on a Windows 2008 machine, upgrade Windows 2008 to SP2 (at least) or apply the Hotfix for Windows (KB951191). In addition, the identity used for the service principal cannot be the computer identity hosting the Atrium SSO service.


Kerberos authentication can not be used to authenticate clients from the same computer where BMC Atrium Single Sign-On is installed.

To set up Kerberos to use for authentication

  1.  Generating a keytab for the service principal and mapping the Kerberos service name
  2. Configuring the Kerberos module
  3. Reconfiguring your browser

For information about troubleshooting issues with Kerberos, see Troubleshooting Kerberos authentication.

Where to go from here

Was this page helpful? Yes No Submitting... Thank you