Defining Key Distribution Centers (KDCs) - BlueCat Integrity - 26.1.0

Address Manager Administration Guide


The KDC is a network service that supplies Kerberos tickets and temporary session keys to users and computers within an Active Directory domain. The KDC runs on each Active Directory domain controller. Address Manager supports multiple KDCs for GSS-TSIG configuration.

If you are running multiple domain servers and wish to use the GSS-TSIG protocol for secure DDNS updates, you must define a KDC in each Kerberos realm that you have created for each child domain.
Note: Modifying the list of KDCs in a Kerberos realm and then deploying DHCP requires a restart of the DHCP service, which results in a service outage.

To define a KDC:

  1. Select the Global tab in the sidebar, then select Configurations.
  2. Select the name of a configuration.
  3. Select the Kerberos realms tab.
  4. Select the name of a Kerberos realm.
  5. Select the Key distribution centers tab.
  6. Select New.
  7. Under General, set the name, host, and port:
    • Name—enter the name for the Kerberos Key Distribution Center (KDC).
    • Host—enter the IP address or hostname for the Kerberos Key Distribution Center (KDC).
      Note: If you enter a hostname in the Host field, you must configure Address Manager with the IP address of a DNS server capable of resolving the hostname.
    • Port—enter the port for the Kerberos KDC. The default port number is 88.
  8. In the Change control section, add comments if required.
  9. Select Create or Create and add another.
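
A pre-flight check for the Host and Port values from step 7, as an added example that is not BlueCat code and does not call Address Manager. The helper name `preflight_kdc` is hypothetical, and the check runs from your own workstation, so a hostname is resolved by that machine's resolver rather than by the DNS server configured on Address Manager. A successful TCP connect shows only that something is listening on the port, not that it is a KDC.

```python
import ipaddress
import socket

DEFAULT_KDC_PORT = 88  # default port given in step 7 of the procedure


def preflight_kdc(host, port=DEFAULT_KDC_PORT, resolve=socket.getaddrinfo, timeout=3.0):
    """Return (ok, detail) for a planned KDC entry (hypothetical helper)."""
    if not 1 <= port <= 65535:
        return False, f"port {port} is outside 1-65535"
    try:
        # An IP literal needs no DNS lookup; anything else is treated as a hostname.
        addrs = [str(ipaddress.ip_address(host))]
        kind = "ip"
    except ValueError:
        kind = "hostname"
        try:
            infos = resolve(host, port, type=socket.SOCK_STREAM)
        except socket.gaierror as exc:
            return False, f"hostname {host!r} did not resolve: {exc}"
        addrs = sorted({info[4][0] for info in infos})
    # Try every resolved address; one reachable address is enough to pass.
    for addr in addrs:
        try:
            with socket.create_connection((addr, port), timeout=timeout):
                return True, f"{kind} {host} -> {addr}:{port} accepts TCP"
        except OSError:
            continue
    return False, f"{kind} {host} resolved to {addrs} but none accepted TCP on port {port}"


if __name__ == "__main__":
    # Constructed stand-in: a local listener plays the KDC so the demo runs offline.
    with socket.socket() as srv:
        srv.bind(("127.0.0.1", 0))
        srv.listen(1)
        print(preflight_kdc("127.0.0.1", srv.getsockname()[1]))
    # Constructed hostname under the reserved .invalid TLD, expected not to resolve.
    print(preflight_kdc("kdc1.example.invalid"))
```
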