====== Kerberos for Service Authentication ====== ====== Project Member(s) ====== * N/A ====== Purpose ====== The Kerberos component of Active Directory supports the use of renewable principle tickets, they can be refreshed without a password, for authentication of a use against AD. This feature is especially useful for system accounts that run a service which integrates with AD without a stored password on that system running the application. This task is to setup a service that uses a Kerberos principle key to authenticate against AD. ====== Resources====== [[https://wiki.samba.org/index.php/Authenticating_other_services_against_AD]] [[http://sysadvent.blogspot.com/2012/12/day-21-double-hop-nightmare.html]] [[http://www.math.ucla.edu/~jimc/documents/samba-ads-1401.html]] ====== Progress ====== *Fill in when updates to document*