EasyManua.ls Logo

Harmonic MediaGrid - Configuring for Active Directory; Authentication

Harmonic MediaGrid
358 pages
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter 4 System Configuration
© 2017 Harmonic Inc. All rights reserved. 115 Harmonic MediaGrid Release 4.1
Joining a Harmonic MediaGrid Cluster to a Windows Domain
Configuring for Active Directory
Complete the following procedures to use the standard method of Active Directory
authentication.
The Active Directory Domain name must be a Fully Qualified Domain Name (FQDN), which is a
domain name containing three or four parts, (for example, “ahost.example.com”).
NOTE: The following steps must also be performed after replacing a ContentDirector.
IMPORTANT: The entries in this section are case-sensitive. The specific entries are in bold/italic text in
the following sections and must be entered as shown, in either UPPERCASE or lowercase letters (using the
actual names) to successfully join a Windows domain.
Before You Begin
You will need the following information before beginning:
The ACTIVE_DIRECTORY_DOMAIN_NAME from the facility’s network domain administrator.
The WINDOWS_NT_DOMAIN_NAME. This may often be the first word of the
ACTIVE_DIRECTORY_DOMAIN_NAME.
The IP address and the name of the Windows Active Directory controller machine. Replace
the name in the steps below where you see “windows_domain_controller_name”.
The Administrator account password on the Active Directory controller.
Note that a Windows Active Directory controller is also called a Windows Domain Controller.
NOTE: The following sections provide instructions for supporting one or more domain controllers. Entries
for adding a secondary domain controller are identified as “optional.” Only complete the optional steps if
you are adding a secondary domain controller. The optional entries can be added at any time (before or
after the ContentDirector has joined the domain).
Creating a Kerberos Configuration File
1. From your SSH terminal, remove /etc/krb5.conf by entering the following command:
sudo rm -f /etc/krb5.conf
2. Create a new file using the same file name (“krb5.conf”) and then add the following entries:
[libdefaults]
default_realm = ACTIVE_DIRECTORY_DOMAIN_NAME
[realms]
ACTIVE_DIRECTORY_DOMAIN_NAME = {
kdc = windows_domain_controller_name.active_directory_domain_name
kdc = secondary_domain_controller_name.active_directory_domain_name
(optional)
}
[domain_realm]
.kerberos.server = ACTIVE_DIRECTORY_DOMAIN_NAME
NOTE: The ACTIVE_DIRECTORY_DOMAIN_NAME must be written in UPPERCASE letters.
Adding the Domain Controller Address
1. From your SSH terminal, edit /etc/hosts using the following command:

Table of Contents

Related product manuals