Kerberos authentication properties
The file kerberos.properties stores several settings related to Kerberos authentification.
You should edit these settings via the user interface. Please note that some of these properties are stored encrypted.
| Property | Default value | Encrypted | Explanation |
|---|---|---|---|
| use.kerberos | false | no | Whether Kerberos authentication is activated. |
| kerberos.fs.sync | false | no | When activated, all changes to the configuration will be sent to all available frontend servers. |
| ldap.search.use.clientconnection | false | no | Which connection settings are to be used for establishing a connection to the LDAP server (for searching for available users). When to to false, the connection settings as configured in the Kerberos settings are used. Otherwise, the connection settings as configured in the client menu are used. |
| ldap.search.account | (empty string) | yes | The LDAP account used to access the active directory in order to search for available users. |
| ldap.search.account.pwd | (empty string) | yes | Password for the LDAP account used to access the active directory in order to search for available users. |
| ldap.search.ssl | false | no | Whether SSL is used for the connection to the LDAP server. |
| ldap.search.dc | (empty string) | yes | Fully qualified name to the LDAP server. |
| ldap.search.port | 389 | yes | The port for the connection to the LDAP server. |
| ldap.search.hop.count | 5 | no | The maximum number of referral hops that may be performed on the LDAP server. Setting this to 0 deactivates referral hops and no references will be followed. |
| ldap.search.basedn | (empty string) | yes | The LDAP base DN (distinguished name) used for looking up available user accounts. |