System information

Configuring Authentication
212 AlterPath OnBoard Administrator’s Guide
Configuring a Kerberos Authentication Server
When the administrative user goes to Config Authentication and selects
Kerberos from the “Authentication Type” pull-down menu, the fields shown
in the following figure appear. If a Kerberos authentication server has not
previously been configured, the fields are empty.
Figure 7-15:Config Authentication: Kerberos
If the Kerberos authentication server (which is also referred to as a Key
Distribution Center, or KDC) has previously been configured in either of the
authentication configuration screens, the fields are filled in with the
previously-configured values.
Before configuring a Kerberos server, the administrative user must obtain the
needed information from the servers administrator. The administrative user
enters the information in the following two fields, which display when the
Kerberos authentication type is selected:
Kerberos Realm Domain Name
Kerberos Server IP address
Caution! The Kerberos KDC rejects tickets when the timestamp on an
authentication request from a host is not within the maximum clock skew time
specified in the KDC’s hdc.conf file. Therefore, it is essential for the time
on the OnBoard to be synchronized with the time on the KDC.