Airlock IAM authenticates the user and sets after successful authentication through the Control API the Kerberos user to propagate to the back-end server.
The following example helps to explain which Kerberos user is propagated to the back-end.
Airlock IAM authenticates the user and sets after successful authentication through the Control API the Kerberos user to propagate to the back-end server.
The following example helps to explain which Kerberos user is propagated to the back-end.
The following configuration is active on Airlock Gateway.
Mapping Name | Back-end Group |
Exchange_2016_OWA | int.virtinc.com |
Exchange_2019_OWA | int.virtinc.com |
Web_application | airlock.academy |
The following Kerberos users are set by Airlock IAM through Control API.
Username | Windows Domain | Mapping Name |
UserA | int.virtinc.com | |
UserB | int.virtinc.com | Exchange_2019_OWA |
Admin | airlock.academy | Web_application |
This setup is only possible with Cross-domain setup.
Airlock Gateway can do KCD with a Single domain setup or a Cross-domain setup.