HP 635n HP Jetdirect Print Server Administrator's Guide (Firmware V.36) - Page 118
Kerberos Settings
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 118 highlights
Table 5-9 Kerberos page Item Manually Specify Configuration Import Configuration Files Description Select this option to manually configure the print server for Kerberos authentication. Click Next to display the Kerberos Settings page. Select this option to configure the print server for Kerberos authentication by importing configuration files. ● conf File: Enter or browse to the krb5.conf file. In the libdefaults section, include the default_realm andclockskew tag entries. In the realms section, include the kdc tag entry. ● keytab File: Enter or browse to a Kerberos keytab file. Use the Ktpass.exe command-line tool (the version prior to Windows Server 2003 Support Pack 1) to generate the keytab file. Use the principal name type KRB5_NT_PRINCIPAL, and the encryption type DES-CBC-MD5. ● Time Sync Period: This parameter specifies the time interval (in minutes) that the HP Jetdirect print server requests to synchronize its clock with a Simple Network Time Protocol (SNTP) time server. ● SNTP Server: If required, specify the Fully Qualified Domain Name (FQDN) or IP address of a Simple Network Time Protocol (SNTP) time server. By default, the SNTP server is the server used as the Key Distribution Center (KDC). Click Next to return to the Identity Authentication page, and confirm that Kerberos status indicates Configured. Kerberos Settings For Kerberos authentication, use the wizard to manually configure Kerberos account settings on the print server. 1. Use the Kerberos Settings page to configure Kerberos account and configuration settings. 2. Click Next to return to the Identity Authentication page, and confirm that Kerberos status indicates Configured. Table 5-10 Kerberos Settings page Item Description KDC Server Enter the Fully Qualified Domain Name (FQDN) of the domain controller used as the Kerberos Key Distribution Center (KDC). The FQDN consists of the device's host name and domain name. For example, kdc01.support.hp.com is a fully qualified domain name, where kdc01 is the host name and support.hp.com is the domain name. Principal Realm Enter a Kerberos principal realm in the form principal@REALM. In a Kerberos installation, a unique principal name is associated with each Kerberos account. For the HP Jetdirect print server Active Directory account, the principal is the user name for the print server. A Kerberos realm is similar in concept to a Windows domain and contains all the users, computers and services within a Kerberos installation. The realm is case-sensitive, and will typically be the DNS domain name specified in all uppercase characters (for example, if the domain name is hp.com, the realm is HP.COM). Password Enter the password for the HP Jetdirect account configured on Active Directory. 108 Chapter 5 IPsec/Firewall Configuration (V.36.xx) ENWW