You can configure Kerberos authentication for the
Ops Center directory service.
Note: Whenever you make changes to Kerberos
authentication, make sure to retest the authentication for the Directory service (in ).
- Log in to the Ops Center portal as sysadmin or a user with opscenter-administrators membership.
- From the navigation bar, click Manage users and select User directories from the Asset type list.
- Click Kerberos connection settings.
- To use DNS instead of KDC to look up the Kerberos server, enable DNS lookup KDC.
- Use Clock skew to control the maximum time difference between the system clocks on the Ops Center server and the Kerberos server (default: 300 seconds). When this value is exceeded, an authentication error occurs.
- Enter the Realm name that identifies the Kerberos domain. The Realm name is case-sensitive and must match the realm to which you are linking. Although the realm can be any ASCII string, the convention is to make it the same as the domain name in upper-case letters (such as EXAMPLE.COM).
- If you are not using DNS, click +Add KDC to provide a list of Kerberos KDC server entries.
- Click Submit when the settings are complete.