====== Kerberos for Service Authentication ======
====== Project Member(s) ======

  * N/A

====== Purpose ======

The Kerberos component of Active Directory supports the use of renewable principle tickets, they can be refreshed without a password, for authentication of a use against AD. This feature is especially useful for system accounts that run a service which integrates with AD without a stored password on that system running the application. This task is to setup a service that uses a Kerberos principle key to authenticate against AD. 

====== Resources======

[[https://wiki.samba.org/index.php/Authenticating_other_services_against_AD]]

[[http://sysadvent.blogspot.com/2012/12/day-21-double-hop-nightmare.html]]

[[http://www.math.ucla.edu/~jimc/documents/samba-ads-1401.html]]

====== Progress ======

*Fill in when updates to document*