Set up Kerberos in v18?

Question

Is there any additional configuration needed to enable Kerberos authentication in v18? I got a failure message on upgrade startup in the log viewer: Cannot initialize Kerberos authentication with domain." but have not been able to figure out how to troubleshoot it further. Documentation doesn't seem to mention anything. Thanks in advance.

This thread was automatically locked due to age.

KingChris · Accepted Answer

Hi Bill Roland 
 This appears to be a bug. 
 Herewith is a workaround that you can try. Please do let us know if it fixes your issue: 
 Stop the NASM service: service nasm:stop -ds nosync 
 Remove file /content/nasm: rm -rf /content/nasm 
 Start the NASM service: service nasm:start -ds nosync 
 Thanks!

Alexander Neugebauer · Answer

Hello Dieter, 
 I actually solved the puzzle with Lucar`s help and my problem is solved. 
 About the GPO you may only use the link with http://fw... distribute. 
 And you are not allowed to access the firewall with the name from the client over HTTPS anymore. Because otherwise the browsers will save the name as HSTS and from now on only want to log in via HTTPs. And then the NTLM authentication fails. 
 If you still use the firewall as a user portal you have to think about which DNS names you want to store in the certificate. e.g. fw.xg.de for NTLM/Kerberos; portal.xg.de for userportal and xgadmin.xg.de for admin access via port 4444, which is also https. 
 Many greetings 
 Translated with www.DeepL.com/Translator (free version)

Dieter · Answer

Hello Alexander, 
 i had changed ander Admin settings the redirecting to the capative portal. I use now the IP adress. Thats, works. 
 Many greetings, 
 Dieter

ZenTekDS · Answer

I experienced the same exact issue and this same item fixed our issue. Should we open a case?

Set up Kerberos in v18?

Top Replies