blob: e30e8547f41dec881f4a42b82262e72730af1ea6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>IPA: Identity Policy Audit</title>
<script type="text/javascript" src="develop.js"></script>
<script type="text/javascript" src="webui.js"></script>
<link rel="stylesheet" type="text/css" href="jquery-ui.css" />
<link rel="stylesheet" type="text/css" href="ipa_error.css" />
</head>
<body id="header-bg">
<div class="container_1">
<div class="header-logo">
<img src="ipalogo.png" />
</div>
<div class="textblockkrb">
<h3>Browser Kerberos Setup</h3>
<img alt="Internet Explorer" src="ie-icon.png"><h5>Internet Explorer Configuration</h5>
<p>Once you are able to log into the workstation with your kerberos key you are now able to use that ticket in Internet Explorer. </p>
<strong>Login to the Windows machine using an account of your Kerberos realm (administrative domain)</strong><br>
<strong>In Internet Explorer, click Tools, and then click Internet Options.</strong>
<br>
<ul>
<li> 1. Click the Security tab </li>
<li> 2. Click Local intranet </li>
<li> 3. Click Sites </li>
<li> 4. Click Advanced </li>
<li> 5. Add your domain to the list </li>
<br>
<li> 1. Click the Security tab </li>
<li> 2. Click Local intranet </li>
<li> 3. Click Custom Level </li>
<li> 4. Select Automatic logon only in Intranet zone </li>
<br>
<li> Visit a kerberized web site using IE (You must use the fully-qualified Domain Name in the URL)</li>
<li><strong> You are all set. </strong></li>
</ul>
<br>
<img alt="Firefox" src="firefox-icon.png"><h5>Firefox Configuration</h5>
<p>You can configure Firefox to use Kerberos for Single Sign-on. The following instructions will guide you in configuring your web browser <br>
to send your Kerberos credentials to the appropriate Key Distribution Center which enables Single Sign-on. </p>
<ul><li> 1. In the address bar of Firefox, type <tt>about:config</tt> to display the list of current configuration options.</li>
<li> 2. In the Filter field, type <tt>negotiate</tt> to restrict the list of options. </li>
<li> 3. Double-click the <tt>network.negotiate-auth.trusted-uris</tt> entry to display the Enter string value dialog box. </li>
<li> 4. Enter the name of the domain against which you want to authenticate, for example, <tt>.example.com.</tt> </li>
<li> 5. Repeat the above procedure for the <tt>network.negotiate-auth.delegation-uris</tt> entry, using the same domain. </li>
<br>
<li><strong> You are all set. </strong></li>
</ul>
</div>
</div>
</body>
</html>
|
