How to enable Kerberos Authentication for Applications Manager's MS SQL backend database?
i) Create keytab file in SQL Server installed machine using the steps mentioned at the bottom of the page.
SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=false
doNotPrompt=true
useKeyTab=true
keyTab="C://Users//kerberosuser.MSSQLKERBEROS//Desktop//kerberos//AppManager14//working//conf//KerberosConfigurations//MSSQL//krb5.keytab"
principal="MSSQLSvc/mssql-kerberos-dc1.mssqlkerberos.com:1433@MSSQLKERBEROS.COM"
storeKey=false
debug=false;
6. To use ticketCache for Kerberos authentication,
i) Run kinit program for the user account to which Kerberos is enabled using the steps mentioned at the bottom of the page. By default, ticket cache file will be created in the location {user.home}{file.separator}krb5cc_{user.name}
SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
ticketCache="C://Users//kerberosuser.MSSQLKERBEROS//Desktop//kerberos//AppManager14//working//conf//KerberosConfigurations//MSSQL//krb5cc_kerberosuser"
doNotPrompt=true
useKeyTab=false
principal="kerberosuser@MSSQLKERBEROS.COM"
storeKey=false
debug=false;
SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=false
doNotPrompt=false
useKeyTab=false
principal="MSSQLSvc/mssql-kerberos-dc1.mssqlkerberos.com:1433@MSSQLKERBEROS.COM"
storeKey=false
debug=true;
8. Open java.security file under <Applications Manager Home>\working\jre\lib\security directory and check for the line (line 141)
#login.config.url.1=file:${user.home}/.java.login.config
Add the below entry after this line,
login.config.url.1=file:C:/Users/kerberosuser.MSSQLKERBEROS/Desktop/kerberos/AppManager14/working/conf/KerberosConfigurations/MSSQL/MicrosoftJDBCDriver/login.conf
10. Now start Applications Manager and check Kerberos authentication using below query in the respective SQL server (auth_scheme should be returned as "KERBEROS") :
[ OR ]
How to create a keytab file?
How to create a ticket to use Ticket Cache for Kerberos Authentication?
New to ADSelfService Plus?
Related Articles
Enabling Kerberos Authentication for SQL Server in Applications Manager
I. How to implement Kerberos Authentication for Applications Manager's MS SQL Back-End Database? 1. Stop Applications Manager service. Open Applications Manager's home directory in the command prompt and run the below commands one by one: For Windows ...Issues while installing or starting Applications Manager with Microsoft SQL Server backend database
Problem: Unable to install or start Applications Manager using Microsoft SQL Server database as backend. Solution: Follow the below troubleshooting steps to resolve the issue: 1. On the Microsoft SQL server host, go to Start -> All Programs -> ...How do I migrate the MS SQL DB used by Applications Manager to another MS SQL server?
Follow the steps given below to migrate MS SQL database of Applications Manager to another MS SQL server: 1. Shutdown Applications Manager completely before the database migration. a. Stop Applications Manager service. b. Shutdown Applications ...Authentication Methods in Applications Manager
Authentication involves validating an incoming user to facilitate the access to a specific resource. There are various authentication methods that you can use - based on the requirements and usage. In recent times, numerous organizations are ...Maintenance of Applications Manager backend database
Note: Please take complete database backup without fail prior to these steps. I. Applications Manager with PostgreSQL Database. Shutdown all Applications Manager related process as follows: For windows: Open services.msc --> stop ManageEngine ...