Configuring the Authentication Service for domain authentication
Use the Application Server Administration console (blasadmin utility) to configure the BMC Server Automation Authentication Service so that the service can use the Kerberos configurations that you set up in previous procedures.
To configure the Authentication Service
- On the reports server, start the Application Server Administration console (the blasadmin utility) as follows.
- (Windows) Navigate to the BDSSAInstallationDirectoty\bin directory and enter the following command: blasadmin.
- (UNIX) Navigate to the BDSSAInstallationDirectoty/br directory and enter the following command: blasadmin.
To allow users to log on by using domain authentication, enter the following command:
set AuthServer isDomainAuthEnabled trueBy default, this value is set to false.
If you are not using the default file name of blappserv_krb5.conf, enter the following command to enable the Authentication Server to locate the file. Otherwise, you can skip this step.
set AuthServer AuthSvcKrb5Config <fileName><fileName> is the name of the blappserv_krb5.conf file. This file is essential for supporting Kerberos. By default, AuthSvcKrb5Config is set to a value of blappserv_krb5.conf.
If you are not using the default file name of blappserv_login.conf, enter the following command to enable the Authentication Server to locate the file. Otherwise, you can skip this step.
set AuthServer AuthSvcKrb5LoginConfig <fileName><fileName> is the name of the blappserv_login.conf file. This file is essential for supporting Kerberos. By default AuthSvcKrb5LoginConfig is set to a value of blappserv_login.conf.
Related topic
Configuring-the-Authentication-Server-to-refresh-domain-session-credentials