Enable Kerberos security

If your deployment uses Kerberos authentication, you must specify the Kerberos information in the IXIA CCMS Output Generator configuration.

About this task

To configure the CCMS Output Generator for Kerberos authentication:
Note: This procedure is required only if Kerberos authentication is enabled in IXIA TEXTML Server.

Procedure

  1. Open the %OutputGenDir%/conf/krb5.ini file.
    Note: If this is the first time that you are installing the CCMS Output Generator, open the krb5.ini.orig file and save it as krb5.ini (remove the .orig suffix).
  2. Edit the file as follows:
    This file specifies the Kerberos configuration used for authentication. Configure it as follows:
    • realm: Kerberos realm name. This is the Fully Qualified Domain Name (FQDN) of your Active Directory Windows domain. The domain name is case-sensitive, so note what is in uppercase or lowercase in the example of the krb5.ini Kerberos configuration file.

      For example, replace acme.local with yourdomainname.local in lowercase and ACME.LOCAL with YOURDOMAINNAME.LOCAL in uppercase.

    • kdc: Kerberos Key Distribution Center (KDC) host name and Windows domain controller port.
    For example:
    [domain_realm]
       .acme.local = ACME.LOCAL
       acme.local = ACME.LOCAL
       acme = ACME.LOCAL
       ACME = ACME.LOCAL
    [libdefaults]
       default_realm = ACME.LOCAL
       dns_lookup_kdc = true
       dns_lookup_realm = true
    [logging]
    [realms]
       ACME.LOCAL = {
       kdc = dc1.acme.local
       kdc = dc2.acme.local
       admin_server = dc1.acme.local
       default_domain = ACME.LOCAL       
    }      
  3. Save and close krb5.ini.