Toggle navigationAboutRelease and supportSystem architecturesGetting startedRequirements and limitationsInstallation, upgrade and system provisioningBasic conceptsREST-API-based configuration and administrationConfiguration Center (GUI)Configuration examples and guidesIntegration of 3rd-party products and applicationsControl APIUsing header tokens for session trackingCSRF protection for SPAsICAP configurationConfiguring JWKS providersGraphQL integrationLet’s Encrypt as certificate providerThreat IntelligenceKerberos integrationRequirementsAbout Back-side Kerberos SSOSingle domain setupLimitationsPrepare Kerberos for Airlock Gateway integrationActive Directory configurationSystem user for Kerberos constrained delegationCreate a system userEnable Kerberos constrained delegation for the system userAllow Kerberos constrained delegation in a single domain setupAirlock Gateway configurationAirlock IAM configurationCross-domain setupAdvanced SetupTips for troubleshootingOperationExpert settings collectionTroubleshooting and supportReference documentationIntegration of 3rd-party products and applicationsKerberos integrationSingle domain setupActive Directory configurationActive Directory configurationThe following contents show the steps required to configure Active Directory to run Back-side Kerberos SSO.Chapter contentSystem user for Kerberos constrained delegationFurther information and linksKB - Verify the domain and forest functional level
The following contents show the steps required to configure Active Directory to run Back-side Kerberos SSO.