Skip to Content
0
Former Member
Mar 07, 2007 at 11:54 AM

spnego on a clustered portal

40 Views

Hey all,

I am about to embark on a mission to configure kerberos authentication on a clustered portal. Any suggestions?

I'm guessing that it is more or less the same, but registering SPNs for every server in the cluster and ensuring the keytab/conf file is accessible to all servers. Is this correct?

I already managed (with a lot of pain) on a singlehost portal (see this thread: spnego wizard with EP7 / ADS )

Question: should the UPN be in the format

1) serviceusername@KERB.DOMAIN.COM , or

2) host/portalserver.kerb.domain.com@KERB.DOMAIN.COM

if (2), i guess "portalserver" would be the clustered DNS. how would this work if you want to access as single server individually?

Thanks in advance for all the excellent advice.

Regards,

faB

**a little bribe: I award points to the max 😉