Specifications
3-308
Cisco Wide Area Application Services Command Reference
OL-11817-01
Chapter 3 CLI Commands
(config) kerberos
(config) kerberos
To authenticate a user that is defined in the Kerberos database, use the kerberos global configuration
command. To disable authentication, use the no form of the command.
kerberos {local-realm kerberos-realm | realm {dns-domain | host} kerberos-realm | server
kerberos-realm {hostname | ip-address} [port-number]}
Note Your Windows domain server must have a Reverse DNS Zone configured for this command to execute
successfully.
Syntax Description
Defaults kerberos-realm: NULL string
port-number: 88
Command Modes global configuration
Device Modes application-accelerator
central-manager
Usage Guidelines All Windows 2000 domains are also Kerberos realms. Because the Windows 2000 domain name is also
a DNS domain name, the Kerberos realm name for the Windows 2000 domain name is always in
uppercase letters. This capitalization follows the recommendation for using DNS names as realm names
in the Kerberos Version 5 protocol document (RFC-1510) and affects only interoperability with other
Kerberos-based environments.
local-realm Displays the default realm for WAAS. Configures a switch to authenticate
users defined in the Kerberos database.
kerberos-realm IP address or name (in UPPERCASE letters) of the Kerberos realm. Default
value is a NULL string.
realm Maps a host name or DNS domain name to a Kerberos realm.
dns-domain DNS domain name to map to Kerberos realm.
Note The name must begin with a leading dot (.).
host Host IP address or name to map to Kerberos host realm.
server Specifies the Key Distribution Center (KDC) to use in a given Kerberos
realm and, optionally, the port number the KDC is monitoring.
hostname Name of the host running the KDC.
ip-address IP address of the host running the KDC.
port-number (Optional) Number of the port on the KDC server.