Set Up Kerberos for AS/400 Single Sign-on
Kerberos is an authentication protocol that uses cryptographic tickets to avoid transmitting plain text passwords. Client services obtain ticket-granting tickets from the Kerberos Key Distribution Center (KDC) and present those tickets as their network credentials to gain access to services.
Note
Kerberos support in HACloud is used for AS/400 single sign-on. HACloud does not yet support end user authentication to the session server via Kerberos. MSS must be configured with an authentication method that results in a user principle that is resolvable in the Kerberos Active Directory domain, for example LDAP, SAML, or Siteminder. Kerberos support on the AS/400 only works with Windows Active Directory Server.
By using Kerberos, after an initial domain sign-on, users do not have to enter their credentials when accessing AS/400 sessions in Host Access for the Cloud.
An overview of enabling and using this feature can be found in the MSS Administrative Console > Host Access for the Cloud panel documentation.
Choose Host Access for the Cloud from the drop down list, then select Kerberos Settings, and click the Help button:
