This documentation supports the 21.3 version of BMC Helix Single Sign-On.To view an earlier version, select the version from the Product version menu.

Configuring Kerberos authentication

As a BMC Helix Single Sign-On administrator, you can configure Kerberous authentication to provide authentication service for a client and server applications by using secret-key cryptography.

Related topics

Kerberos-authentication


To configure Kerberous authentication, perform the tasks described in this section:

Task

Description

Reference

1

As an Active Directory (AD) administrator, create a service account in Active Directory and then add an SPN mapping for the service account.

Optionally, as s a user who has access to the domain controller, generate a keytab file if you want to provide the credentials through a keytab file.

2

As a BMC Helix SSO administrator, configure the Kerberos authentication in the BMC Helix SSO Admin Console.

3

As a system administrator, configure a browser on the end users' computers, or provide instructions to end users how to configure their browser for Kerberous authentication.

To configure Kerberous authentication, perform the tasks described in this section:

Task

Description

Reference

1

As a BMC Helix SSO administrator, configure the Kerberos authentication in the BMC Helix SSO Admin Console.

2

As a system administrator, configure a browser on the end users' computers, or provide instructions to end users how to configure their browser for Kerberous authentication.

Related Videos

Important

The following video shows an older version of BMC Helix SSO. Although there might be minor changes in the user interface, the overall functionality remains the same.