Configure to use Kerberos when user login is required
Complete these configuration steps to enable Process Manager to work with Kerberos when users are required to log in to Process Manager with a password(JS_LOGIN_REQUIRED=true in js.conf).
Before you begin
Ensure you have met the requirements for using Process Manager with Kerberos. See Requirements to integrate with Kerberos for details.
About this task
When a user is required to log in to Process Manager with a password (JS_LOGIN_REQUIRED=true in js.conf), Process Manager uses the Pluggable Authentication Module (PAM) on the Process Manager server to generate a valid user TGT.
Whenever a user successfully logs in to Process Manager, Process Manager generates a valid user TGT in /tmp/krb5cc_user_UID. The TGT is then copied to the Process Manager server's work directory, where it is periodically renewed, and forwarded to LSF when jobs in the flow are submitted.
Should Process Manager fail to acquire or renew the user TGT, Process Manager logs history messages and messages in jfd.log.host_name.