Configure Kerberos authentication based on MIT Kerberos via ADCM
Overview
To kerberize a cluster using MIT KDC, follow the steps below:
-
In ADCM web UI, go to the Clusters page. Select an installed and prepared ADPS cluster, and run the Manage Kerberos action.
Manage Kerberos -
In the pop-up window, turn on the Existing MIT KDC option.
Choose the relevant option -
Fill in the prepared MIT Kerberos parameters.
MIT KDC fields -
Click Run, wait for the job to complete and proceed to setting up Kerberos in the cluster.
Run the action
MIT Kerberos parameters
Parameter | Description |
---|---|
Authentication on WEB UIs |
Enables Kerberos authentication on Web UIs |
KDC hosts |
One or more MIT KDC hosts |
Realm |
A Kerberos realm — a network containing KDC hosts and clients |
Domains |
Domains associated with hosts |
Kadmin server |
A host where |
Kadmin principal |
A principal name used to connect via |
Kadmin password |
A principal password used to connect via |
Keytabs directory |
Directory of the keytab file that contains one or several principals along with their keys |
Additional realms |
Additional Kerberos realms |
Trusted Active Directory server |
An Active Directory server for one-way cross-realm trust from the MIT Kerberos KDC |
Trusted Active Directory realm |
An Active Directory realm for one-way cross-realm trust from the MIT Kerberos KDC |