Caution: If you save the configuration file when using the Windows standard
Notepad application, specify ANSI for the letter code. If you use an editor
other than the memo pad and have the YTF-8 BOM setting, specify No BOM
then save.
auth.server.type=kerberos
auth.group.mapping=<value>
auth.kerberos.<attribute>=<value>
auth.group.<realm name>.<attribute>=<value>
A full example is shown below:
auth.server.type=kerberos
auth.group.mapping=true
auth.kerberos.default_realm=example.com
auth.kerberos.dns_lookup_kdc=true
auth.kerberos.clockshow=300
auth.kerberos.timeout=10
auth.group.example.com.searchdn=CN=sample1,CN=Users,DC=domain,DC=
localauth.group.example.com.searchpw=passwordauth.ldap.PrimarySer
ver.basedn=CN=Users,DC=domain,DC=local
The Kerberos attributes are defined in the following table.
Table 9 Kerberos definition (for authentication server)
Attribute Description
Required /
Optional
Default value
auth.server.type Type of an authentication server.
Specify kerberos.
Required None
auth.group.mapping Information about whether to work
together with an authorization
server
• true: Works together
• false: Does not work together
Optional false
auth.kerberos.default_
realm
Default realm name Required None
auth.kerberos.dns_loo
kup.kdc
This is a switch that determines
which information registered in the
SRV records in the DNS server to
use when searching the Kerberos
server.
• true: Searches with the
information registered in the SRV
records in the DNS server
• false: Searches with the host
name and port number
When "realm name" and "<value
specified to the realm name>.kdc"
are specified, the Kerberos server is
Optional false
194 User administration
System Administrator Guide for VSP Gx00 models and VSP Fx00 models
To Next Page
Loading...
Need help?
General