Why to use Kerberos?

Kerberos Authentication support is particularly useful for Enterprise networks that have a Microsoft AD based Domain controller. By properly configuring the necessary Kerberos related factors, your enterprise Internet users can optionally enjoy Windows Integrated Authentication. Windows Integrated Authentication is a non-interactive authentication process, that uses SSO authentication. SSO ensures that your users do not have to manually provide their user credentials as username / password to access your networked enterprise resources and services, yet their access is restricted as specified. SSO, thus not only just adds convenience to the overall user experience, but also enhances security.

Configuration of SSO Authentication is very easy.

  • Monit service must be Up.

  • Integrate Active Directory For SSO Authentication

Follow LINK : https://docs.safesquid.com/wiki/Integra … entication

  • SafeSquid requires an automation script called kerberos.sh script* will automatically run from path /usr/local/safesquid/ui_root/cgi-bin
    and generate HTTP.keytab , krb5.conf , krb.tkt at path /usr/local/safesquid/security

  • Then SafeSquid will create the stub zone for DNS resolution of your Active Directory server.The file with stub zone will create with the name : safesquid.dns.conf At path :/usr/local/safesquid/security/dns (automatically)

To setup Kerberos SSO authentication works with SafeSquid Follow LINK : https://docs.safesquid.com/wiki/Integra … entication