Unsupported content This version of the documentation is no longer supported. However, the documentation is available for your convenience. You will not be able to leave comments.

Implementing Domain Authentication

The BMC Server Automation Authentication Service can authenticate users using Windows Active Directory user credentials. Users provide a user name, domain, and password. The Authentication Service uses that information to authenticate the user to the Active Directory KDC, which relies on the Active Directory registry to store the names and passwords of registered users within its Kerberos realm. In Windows, a Kerberos realm is an Active Directory domain.

Configuring a BMC Server Automation system to support Domain Authentication requires configuration beyond the default setup. For details, see Configuring-Domain-Authentication.

After you configure BMC Server Automation for Domain Authentication, you must configure a client to use an authentication profile set up for Domain Authentication. See Authentication-profiles and Managing-authorizations for more information about authentication profiles.

The following topics provide instructions for setting up Domain Authentication at installations where AD/Kerberos authentication is not already being used for BMC Server Automation. If you have already set up AD/Kerberos authentication for BMC Server Automation, use your existing Kerberos configuration files and modify as necessary based on the descriptions in the following topics.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*