Kerberos Configuration with Windows Active Directory
In this post I am going to show how to configure Windows Active directory to work with Kerberos Authentication.
Let’s start with configuring relevant hostname for active directory server.
Open Server Manager → Local Server
Then follow the instruction shown in screenshot,
Configure Static IP:
If you are using VirtualBox you can refer to post,
Or simply use >ipconfig/all get existing IP address, Gateway and DNS IP addresses. Fill the details as shown in below screenshot,
Install Domain Name System (DNS):
As per Microsoft docs, Active Directory Domain Services (AD DS) uses Domain Name System(DNS) name resolution services to make it possible for clients to locate domain controllers and for the domain controllers that host the directory service to communicate with each other.
To install DNS follow the below screenshots,
Configure Domain Controller:
A domain controller is the server running Active Directory, when you want to create a new forest, a new domain, or an additional domain controller in an existing domain, you configure the server with the role of domain controller by installing Active Directory domain services(AD DS).
About Active Directory Domain Services,
Promote the server to domain controller :
After installing it will restart automatically, after restart you can see yourself login in the NetBIOS domain name that you have created.
Till here we are done with Domain Controller configuration. We have still few things to work with Kerberos. We need to configure Active Directory Certificate Services(AD CS), that allow us issue and manage certificates used in variety of application. Then we will be installing MIT Kerberos setup and running some command to set up KDC (Key Distribution Center) . I will be sharing the link of that post soon.