1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
  6. Manual

Configuring The Clients - Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual

Identity server guide
Hide thumbs
Table of Contents

Advertisement

Verifying the Kerberos Configuration
To view the
catalina.out
1 In the Administration Console, click Auditing > General Logging.
2 In the Identity Servers section, select the
3 Download the file and open it in a text editor.
4 Search for Kerberos and verify that a subsequent line contains a
For the configuration example, the lines look similar to the following:
principal's key obtained from the keytab
principal is HTTP/amser.provo.novell.com@AD.NOVELL.COM
Added server's keyKerberos Principal HTTP/
amser.provo.novell.com@AD.NOVELL.COMKey Version 3key EncryptionKey:
keyType=3 keyBytes (hex dump)=0000: CB 0E 91 FB 7A 4C 64 FE
[Krb5LoginModule] added Krb5Principal HTTP/
amser.provo.novell.com@AD.NOVELL.COM to Subject
Commit Succeeded
5 If the file does not contain any lines similar to these, verify that you have enabled logging. See
"Enabling Logging for Kerberos Transactions" on page
6 If the commit did not succeed, search backward in the file and verify the following values:
Service Principal Name
Name of keytab file
For the example configuration, the file would contains lines with text similar to the following:
Principal is HTTP/amser.provo.novell.com
KeyTab is /usr/lib/java/jre/lib/security/nidpkey.keytab
7 (Conditional) If you make any modifications to the configuration, either in the Administration
Console or to the bcsLogin file, restart Tomcat on the Identity Server.

3.4.4 Configuring the Clients

1 Add the computers of the users to the Active Directory domain.
For instructions, see your Active Directory documentation.
2 Log in to the Active Directory domain, rather than the machine.
3 Configure the Web browser to trust the Identity Server:
For Internet Explorer version 7, click Tools > Internet Options > Security > Local intranet
> Sites > Advanced. (For Internet Explorer version 6, click Tools > Internet Options >
Security > Trusted sites > Sites.)
In the Add this website to the zone text box, enter the Base URL for the Identity Server,
then click Add.
In the configuration example, this is
Click Close.
For Firefox, in the URL field, specify
network.n. Double click
(Linux) or the
stdout.log
catalina.out
http://amser.provo.novell.com
about:config
network.negotiate-auth.trusted-uris
Configuring Advanced Local Authentication Procedures 123
(Windows) file of the Identity Server:
or
file.
stdout.log
Commit Succeeded phrase
118.
. In the Filter field, specify
.
.
.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER and is the answer not in the manual?

Related Manuals for Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER

Related Content for Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER

This manual is also suitable for:

Access manager 3.1 sp1

Table of Contents