Specifications
Kerberos Authentication
BlueSecureâ„¢ Controller Setup and Administration Guide 6-23
Saving the
settings
Click Save to store the information to the BSC database.
You may be prompted to restart the BSC. We recommend that you do not restart the BSC
until you have completely finished configuring the BSC for use in your network.
Kerberos Authentication
Kerberos is a network authentication protocol that was created by MIT as a solution to
network security problems. The Kerberos protocol uses strong cryptography so that a
client can prove its identity to a server (and vice versa) across an insecure network
connection. After a client and server have used Kerberos to prove their identity, they can
also encrypt all of their communications to assure privacy and data integrity as they go
about their business.
To configure an external Kerberos authentication server and define authentication rules:
Displaying the
New Kerberos
server page
1. Click the User authentication tab in the BSC administrator console.
2. Select External Kerberos Authentication from the Create drop-down list.
The New Kerberos server page appears as shown in Figure 6-9.
Enable server The Enable checkbox is marked to make the server available for user authentication.
Name Enter a meaningful name for the external Kerberos authentication server.
Precedence Select a priority from the drop-down list.1 means the server is checked first. The
precedence you configure here does not apply to Transparent NTLM Windows logins,
Transparent 802.1x logins, or local users in the BSC database, because these
authentication schemes are always checked first.
Kerberos server
settings
1. KDC address: Enter the Kerberos Domain Controller’s IP address or DNS name.
2. Enter number on which the KDC communicates in the Port field.
Figure 6-9: New Kerberos Server Page