summaryrefslogtreecommitdiffstats
path: root/install/html/ssbrowser.html
blob: e30e8547f41dec881f4a42b82262e72730af1ea6 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
    <title>IPA: Identity Policy Audit</title>

    <script type="text/javascript" src="develop.js"></script>
    <script type="text/javascript" src="webui.js"></script>

    <link rel="stylesheet" type="text/css" href="jquery-ui.css" />
    <link rel="stylesheet" type="text/css" href="ipa_error.css" />
</head>

<body id="header-bg">
 
  <div class="container_1"> 
    <div class="header-logo">
            <img src="ipalogo.png" />
        </div>  
       <div class="textblockkrb"> 
        <h3>Browser Kerberos Setup</h3>
        <img alt="Internet Explorer" src="ie-icon.png"><h5>Internet Explorer Configuration</h5>
        <p>Once you are able to log into the workstation with your kerberos key you are now able to use that ticket in Internet Explorer. </p>
        
          <strong>Login to the Windows machine using an account of your Kerberos realm (administrative domain)</strong><br>
    	  <strong>In Internet Explorer, click Tools, and then click Internet Options.</strong> 
            <br>
            <ul>
            <li> 1. Click the Security tab </li>
            <li> 2. Click Local intranet </li>
            <li> 3. Click Sites </li>
            <li> 4. Click Advanced </li>
            <li> 5. Add your domain to the list </li>
            <br>
            <li> 1. Click the Security tab </li>
            <li> 2. Click Local intranet </li>
            <li> 3. Click Custom Level </li>
            <li> 4. Select Automatic logon only in Intranet zone </li>
            <br>
            <li> Visit a kerberized web site using IE (You must use the fully-qualified Domain Name in the URL)</li>
            <li><strong> You are all set. </strong></li>
            </ul>
            
            <br>
            
        <img alt="Firefox" src="firefox-icon.png"><h5>Firefox Configuration</h5>
       
        <p>You can configure Firefox to use Kerberos for Single Sign-on. The following instructions will guide you in configuring your web browser <br>
         to send your Kerberos credentials to the appropriate Key Distribution Center which enables Single Sign-on.  </p>
        
        	<ul><li> 1. In the address bar of Firefox, type <tt>about:config</tt> to display the list of current configuration options.</li>
                <li> 2. In the Filter field, type <tt>negotiate</tt> to restrict the list of options. </li>
                <li> 3. Double-click the <tt>network.negotiate-auth.trusted-uris</tt> entry to display the Enter string value dialog box. </li>
                <li> 4. Enter the name of the domain against which you want to authenticate, for example, <tt>.example.com.</tt> </li>
                <li> 5. Repeat the above procedure for the <tt>network.negotiate-auth.delegation-uris</tt> entry, using the same domain. </li>
                <br>
                <li><strong> You are all set. </strong></li>
            </ul>
        
             
        </div>
        
   </div>

</body>

</html>