Configure Kerberos authentication on IXIASOFT CCMS Scheduler (Windows only)

If IXIA CCMS Scheduler connects to a IXIA TEXTML Server that uses Kerberos authentication, you must configure Kerberos authentication for the CCMS Scheduler.

About this task

To configure the Scheduler for Kerberos authentication:
Note: This procedure is required only if Kerberos authentication is enabled in IXIA TEXTML Server.

Procedure

  1. Create the krb5.ini Kerberos configuration file.
    This file specifies the Kerberos configuration used for authentication. Configure it as follows:
    • realm: Kerberos realm name. This is the Fully Qualified Domain Name (FQDN) of your Active Directory Windows domain. The domain name is case-sensitive, so note what is in uppercase or lowercase in the example of the krb5.ini Kerberos configuration file.

      For example, replace acme.local with yourdomainname.local in lowercase and ACME.LOCAL with YOURDOMAINNAME.LOCAL in uppercase.

    • kdc: Kerberos Key Distribution Center (KDC) host name and Windows domain controller port.
    For example:
    [domain_realm]
       .acme.local = ACME.LOCAL
       acme.local = ACME.LOCAL
       acme = ACME.LOCAL
       ACME = ACME.LOCAL
    [libdefaults]
       default_realm = ACME.LOCAL
       dns_lookup_kdc = true
       dns_lookup_realm = true
    [logging]
    [realms]
       ACME.LOCAL = {
       kdc = dc1.acme.local
       kdc = dc2.acme.local
       admin_server = dc1.acme.local
       default_domain = ACME.LOCAL       
    }      
  2. Save the file in the %SchedulerDir%/conf directory.
  3. Create the login.conf login configuration file.
    This file specifies the Java login configuration for Active Directory. It must include the following code:
    TextmlClientLogin
    {
          com.sun.security.auth.module.Krb5LoginModule required useTicketCache=false;
    };
  4. Save the file in the %SchedulerDir%/conf directory.