Configuring SSO with Kerberos

Fastpath: Admin Console > People > Settings > Single Sign On > Kerberos

Understanding SSO with Kerberos

Important: Before you configure SSO, make sure you have a migration strategy for your existing Jive users. Implementing SSO without migrating your users to your new authentication provider will orphan existing user accounts, so users can't access their community content.

Setting Up Kerberos SSO

Service Principal
The service principal used to communicate with the KDC and validate any user tickets passed to Jive. Typically, the Service Principal value is the user name for an account.
The realm for the service principal account user name you specified.
(KDC) Key Distribution Center
The hostname for the key distribution center. You may not need to provide this information if the realm already resolves to the KDC.
Specifies the password for the service principal account user name you specified.

Advanced Settings

The following settings on the Advanced tab control some less commonly used SSO configurations.
Debug Mode
Enable to provide detailed logging for troubleshooting authentication problems. You should disable this setting in production.
Use Keytab for Authentication
Enable to specify a keytab file as an alternate credentialing method. To upload your keytab file, you need to Base64-encode it and paste it into the text box provided.
Use KRB Configuration File
Enable to specify a krb5.conf file. Then paste the file contents into the text box provided.