Device > Server Profiles > Kerberos
Select or to configure a server profile
that enables users
to natively authenticate to an Active Directory domain controller
or a Kerberos V5-compliant authentication server. After configuring
a Kerberos server profile you can assign it to an authentication
profile (see Device
> Authentication Profile). You can use Kerberos to authenticate
end users who access your network resources (through GlobalProtect
or Authentication Portal) and administrators defined locally on
the firewall or Panorama.
that enables users
to natively authenticate to an Active Directory domain controller
or a Kerberos V5-compliant authentication server. After configuring
a Kerberos server profile you can assign it to an authentication
profile (see Device
> Authentication Profile). You can use Kerberos to authenticate
end users who access your network resources (through GlobalProtect
or Authentication Portal) and administrators defined locally on
the firewall or Panorama.To use Kerberos authentication, your back-end
Kerberos server must be accessible over an IPv4 address. IPv6 addresses
are not supported.
Kerberos Server Settings | Description |
|---|---|
Profile Name | Enter a name to identify the server (up
to 31 characters). The name is case-sensitive and must be unique.
Use only letters, numbers, spaces, hyphens, and underscores. |
Location | Select the scope in which the profile is
available. In the context of a firewall that has more than one virtual
system (vsys), select a vsys or select Shared (all
virtual systems). In any other context, you can’t select the Location ; its
value is predefined as Shared (firewalls ) or as Panorama. After
you save the profile, you can’t change its Location . |
Administrator Use Only | Select this option to specify that only
administrator accounts can use the profile for authentication. For
firewalls that have multiple virtual systems, this option appears
only if the Location is Shared . |
Servers | For each Kerberos server, click Add and specify
the following settings:
|
