Managing CA paths

Edit online

Use the CA Paths tab on the Kerberos Configuration management page in the LMI to manage these settings. These settings contain the authentication paths that are used with direct (non-hierarchical) cross-realm authentication.

About this task

The CA Paths tab contains settings for the capaths section of the corresponding Kerberos configuration file. You can create, edit, and delete properties and CA paths in this section. You can also test authentication with your web server principal name and password.

Procedure

  1. From the top menu, select Web > Global Settings > Kerberos Configuration.
    The current Kerberos configuration is displayed.
  2. On the CA Paths tab, take actions as needed.
    • Create a CA path
      1. Click New > Client Realm.
      2. In the Create Client Realm window, enter the realm name in the Client Realm field.
      3. Click Save.
    • Create a property
      1. Select the client realm in which to create the property.
      2. Click New > Property.
      3. In the Create New Property window, provide a value for the Server Realm and Intermediate Realm.
      4. Click Save.
    • Edit a property
      1. Select the property to edit from the table.
      2. Click Edit.
      3. In the Edit Property window, modify the value as needed.
      4. Click Save.
    • Delete a CA path
      1. Select the CA path to delete from the table.
      2. Click Delete.
      3. In the Confirm Action window, click Yes.
    • Delete a property
      1. Select the property to delete from the table.
      2. Click Delete.
      3. In the Confirm Action window, click Yes.
    • Test authentication with principal and password
      1. Click Test.
      2. In the Test Kerberos Authentication window, enter the name of the user that is created as the web server principal in the Username field.
      3. Enter the password in the Password field.
      4. Click Test.