Table of Contents

Kerberos for Service Authentication

Project Member(s)

Purpose

The Kerberos component of Active Directory supports the use of renewable principle tickets, they can be refreshed without a password, for authentication of a use against AD. This feature is especially useful for system accounts that run a service which integrates with AD without a stored password on that system running the application. This task is to setup a service that uses a Kerberos principle key to authenticate against AD.

Resources

https://wiki.samba.org/index.php/Authenticating_other_services_against_AD

http://sysadvent.blogspot.com/2012/12/day-21-double-hop-nightmare.html

http://www.math.ucla.edu/~jimc/documents/samba-ads-1401.html

Progress

*Fill in when updates to document*