Configuring Kerberos Authentication on Windows

You can configure your Kerberos setup so that you can use the MIT Kerberos Ticket Manager to get the Ticket Granting Ticket (TGT), or configure the setup so that you can use the driver to get the ticket directly from the Key Distribution Center (KDC). Also, if a client application obtains a Subject with a TGT, you can use that Subject to authenticate the connection.

Download and Install MIT Kerberos for Windows

This section describes how to download and install MIT Kerberos for Windows.

Procedure: How to Download and Install MIT Kerberos for Windows

To download and install MIT Kerberos for Windows 4.0.1:

  1. Download the appropriate Kerberos installer.
  2. Run the installer by double-clicking the .msi file that you downloaded in step 1.
  3. Follow the instructions in the installer to complete the installation process.
  4. When the installation completes, click Finish.

Using MIT Kerberos Ticket Manager to Get Tickets

This section describes how to configure the KRB5CCNAME environment variable and get a Kerberos ticket. You must first set the KRB5CCNAME environment variable to your credential cache file.

Procedure: How to Set the KRB5CCNAME Environment Variable

To set the KRB5CCNAME environment variable:

  1. Click the Start button, right-click Computer, and then click Properties.
  2. Click Advanced System Settings.
  3. In the System Properties dialog box, click the Advanced tab and then click Environment Variables.
  4. In the Environment Variables dialog box, under the System variables list, click New.
  5. In the Variable name field of the New System Variable dialog box, type KRB5CCNAME.
  6. In the Variable Value field, type the path for your credential cache file.

    For example:

    C:\KerberosTickets.txt
  7. Click OK to save the new variable, and then ensure that the variable appears in the System variables list.
  8. Click OK to close the Environment Variables dialog box, and then click OK to close the System Properties dialog box.
  9. Restart your computer.

Procedure: How to Get a Kerberos Ticket

To get a Kerberos ticket:

  1. Click the Start button, then click All Programs, and click the Kerberos for Windows (64-bit) or Kerberos for Windows (32-bit) program group.
  2. Click MIT Kerberos Ticket Manager.
  3. In the MIT Kerberos Ticket Manager, click Get Ticket.
  4. In the Get Ticket dialog box, type your principal name and password, and then click OK.

    If the authentication succeeds, then your ticket information appears in the MIT Kerberos Ticket Manager.

Using the Driver to Get Tickets

To enable the driver to get Ticket Granting Tickets (TGTs) directly, you must ensure that the KRB5CCNAME environment variable has not been set. This section describes how to delete the KRB5CCNAME environment variable.

Procedure: How to Delete the KRB5CCNAME Environment Variable

To delete the KRB5CCNAME environment variable:

  1. Click the Start button, right-click Computer, and then click Properties.
  2. Click Advanced System Settings.
  3. In the System Properties dialog box, click the Advanced tab and then click Environment Variables.
  4. In the Environment Variables dialog box, check if the KRB5CCNAME variable appears in the System variables list. If the variable appears in the list, then select the variable and click Delete.
  5. Click OK to close the Environment Variables dialog box, and then click OK to close the System Properties dialog box.

Configuring the Kerberos Configuration File

This section describes how to configure the Kerberos configuration file.

Procedure: How to Set up the Kerberos Configuration File

To set up the Kerberos configuration file:

  1. Create a standard krb5.ini file and place it in the C:\Windows directory.
  2. Ensure that the KDC and Admin server specified in the krb5.ini file can be resolved from your terminal. If necessary, you can modify the following:
    C:\Windows\System32\drivers\etc\hosts
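
One way to carry out the check in step 2, shown as an added example that is not part of the original documentation or the driver: the script below extracts every kdc and admin_server entry from the [realms] section of a krb5.ini file and reports the hosts that the operating system resolver cannot resolve. The realm, the host names, and the function names server_hosts and unresolved are constructed for illustration.

```python
import re
import socket

# Constructed sample file; the realm and host names are placeholders.
SAMPLE_KRB5_INI = """
[libdefaults]
    default_realm = EXAMPLE.COM

[realms]
    EXAMPLE.COM = {
        kdc = kdc1.example.com:88
        kdc = kdc2.example.com
        # kdc = retired-kdc.example.com
        admin_server = kadmin.example.com:749
    }
"""

_ENTRY = re.compile(r"^\s*(kdc|admin_server)\s*=\s*(\S+)", re.IGNORECASE)


def server_hosts(ini_text):
    """Return (key, host) pairs for each kdc/admin_server line in [realms]."""
    section, found = None, []
    for line in ini_text.splitlines():
        header = re.match(r"^\s*\[(\w+)\]\s*$", line)
        if header:
            section = header.group(1).lower()
            continue
        entry = _ENTRY.match(line)  # comment lines (# or ;) never match
        if section == "realms" and entry:
            key, value = entry.group(1).lower(), entry.group(2)
            # Strip an optional ":port" suffix (host names and IPv4 only).
            host = value.rsplit(":", 1)[0] if value.count(":") == 1 else value
            found.append((key, host))
    return found


def unresolved(pairs, resolve=socket.gethostbyname):
    """Return the (key, host) pairs whose host name does not resolve."""
    failed = []
    for key, host in pairs:
        try:
            resolve(host)  # system resolver, so hosts-file entries count
        except OSError:    # socket.gaierror is a subclass of OSError
            failed.append((key, host))
    return failed


if __name__ == "__main__":
    # On a configured machine, read C:\Windows\krb5.ini instead of the sample.
    for key, host in unresolved(server_hosts(SAMPLE_KRB5_INI)):
        print(f"cannot resolve {key} host: {host}")
```

Any host the script reports needs a DNS record or an entry in the hosts file named in step 2 before the driver or the MIT Kerberos Ticket Manager can reach it.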