HP CM8000 Practical IPsec Deployment for Printing and Imaging Devices - Page 152

Enter in the configuration manually. The output of the ktpass command and krb5.conf file can be used here, rather than the files themselves. CAPITALIZATION of the Principal is very important! Okay, those are the two manual methods for configuration Kerberos on Jetdirect. Once we've got that setup, now we need to go back to the Microsoft configuration and setup Kerberos there. Microsoft Windows: Kerberos Authentication Windows XP/2003/Vista/2008: IPv4 IP Security Policies NOTE: The "IP Security Policy Management" MMC Snap-In discussed in the following slides is available on Microsoft XP/2003/Vista/2008. However, it only protects IPv4 and is limited in its choice of IPsec parameters. For Microsoft Vista and Server 2008, the netsh commands or the Advanced Firewall MMC snap in should be used to provide IPv4/IPv6 protection as well as the ability to set more IPsec parameters. Rather than step through the entire Microsoft configuration again, we are going to assume that the user has simply right-clicked on the Policy or Rule that we've previously configured and did a properties view. In the MMC for the "IPsec Policy Manager" snap-in, going to the Authentication Method tab, we simply select Kerberos. Now we are done! 152