The configuration of Back-side Kerberos SSO is split into 2 parts.
Part 1
The first part is in the Airlock Gateway configuration, which defines the following:
- ●If and where Back-side Kerberos SSO is used.
- ●The role set in Access restrictions >> Restricted to Roles.
- ●Under Credential Propagation >> SSO credential propagation, Kerberos is selected.
- ●The system user which is used to request a Kerberos Ticket for the user.
- ●The Kerberos Environment selected under Access >> Kerberos Environment.
Airlock Gateway Mapping configuration
Airlock Gateway Back-end Group configuration
Part 2
The second part is in the Airlock IAM configuration, which defines the following:
- ●Who should be propagated to the back-end server.