Toggle navigationAirlock Secure Access HubAbout this documentAbout Airlock Gateway Release notesGetting startedGeneral warnings and recommendationsBasic conceptsREST API based configuration and administrationConfiguration Center (GUI)Configuration examples and guidesIntegration of 3rd-party products and applicationsControl APIHeader-based session trackingCSRF protection for SPAsICAP configurationJWKS providers configurationGraphQL integrationLet’s Encrypt as certificate providerThreat intelligenceMicrosoft integrationIntegration of Microsoft Exchange 2016 / 2019Publishing Microsoft SharePoint 2016Publishing Microsoft SharePoint 2019Publishing Microsoft WebDAVKerberos integrationRequirementsAbout Back-side Kerberos SSOSingle domain setupCross-domain setupLimitationsPrepare Kerberos for Airlock Gateway integrationActive Directory configurationSystem user for Kerberos constrained delegationCreate a system userEnable Kerberos constrained delegation for the system userAllow Kerberos constrained delegation in a cross-domain setupAirlock Gateway configurationAirlock IAM configurationAdvanced SetupTips for troubleshootingOperation tasksReference documentationExpert settings collectionTroubleshooting and supportIntegration of 3rd-party products and applicationsMicrosoft integrationKerberos integrationCross-domain setupActive Directory configurationActive Directory configurationThe following contents show the steps required to configure Active Directory to run Back-side Kerberos SSO.Chapter contentSystem user for Kerberos constrained delegationFurther information and linksKB - Verify the domain and forest functional level
The following contents show the steps required to configure Active Directory to run Back-side Kerberos SSO.