Creating and configuring a Kerberos Realm - BlueCat Integrity

Creating and configuring a Kerberos Realm - BlueCat Integrity - 26.1.0

Address Manager Administration Guide

ft:locale

en-US

Product name

BlueCat Integrity

Version

26.1.0

A Kerberos Realm defines an authentication boundary within which a server has authority to authenticate a service, host, or user. You need to define the Kerberos realm in Address Manager, to match the domain name in Active Directory.

If you are running multiple child domain servers and wish to use the GSS-TSIG protocol for secure DDNS updates, you must create a Kerberos realm for each child domain along with a Kerberos realm for the parent domain.

Note: Adding or removing a Kerberos Realm in Address Manager and deploying DHCP requires a restart of DHCP service, resulting in a service outage.

To create a Kerberos Realm:

Select the Global tab in the sidebar, then select Configurations.
Select the name of a configuration.
Select the Kerberos realms tab.
Select New.
Under General, set the realm name and domain:
- Name—enter the name for the Kerberos realm in UPPERCASE CHARACTERS.
- Domain—enter the domain name for the Kerberos realm in lowercase characters.
In the Change control section, add comments if required.
Select Create or Create and add another.