Why to use Kerberos?
Posted: Wed May 08, 2019 11:57 am
Kerberos Authentication support is particularly useful for Enterprise networks that have a Microsoft AD based Domain controller. By properly configuring the necessary Kerberos related factors, your enterprise Internet users can optionally enjoy Windows Integrated Authentication. Windows Integrated Authentication is a non-interactive authentication process, that uses SSO authentication. SSO ensures that your users do not have to manually provide their user credentials as username / password to access your networked enterprise resources and services, yet their access is restricted as specified. SSO, thus not only just adds convenience to the overall user experience, but also enhances security.
Configuration of SSO Authentication is very easy.
Configuration of SSO Authentication is very easy.
- Monit service must be Up.
- Integrate Active Directory For SSO Authentication
- SafeSquid requires an automation script called kerberos.sh* script will automatically run from path /usr/local/safesquid/ui_root/cgi-bin
and generate HTTP.keytab , krb5.conf , krb.tkt at path /usr/local/safesquid/security
- Then SafeSquid will create the stub zone for DNS resolution of your Active Directory server.The file with stub zone will create with the name : safesquid.dns.conf At path :/usr/local/safesquid/security/dns (automatically)