(Optional) Enable Kerberos security

If your deployment uses Kerberos authentication, you must configure the IXIASOFT CCMS Desktop and include Kerberos security files.

1. Go to the IXIASOFT Download site:
   https://cms.ixiasoft.com/downloads/
2. Open the CCMS_Desktop folder, and download eclipse-4.7.3_win32_x86_64_6.3.x.zip file.
3. Extract and open the file.
   You will find the krb5.ini and login.conf files inside. You can use these files as templates and configure them as described below.
4. Create the krb5.ini Kerberos configuration file.
   This file specifies the Kerberos configuration used for authentication. Configure it as follows:

   • realm: Kerberos realm name. This is the Fully Qualified Domain Name (FQDN) of your Active Directory Windows domain. The domain name is case-sensitive so take note of what is in uppercase or lowercase in the example of the krb5.ini Kerberos configuration file. Replace the lowercase acme.local with your domain name in lowercase and the uppercase ACME.LOCAL with your domain name in uppercase.
   • kdc: Kerberos Key Distribution Center (KDC) host name and port (Windows domain controller).

   For example:

   [domain_realm]
      .acme.local = ACME.LOCAL
      acme.local = ACME.LOCAL
      acme = ACME.LOCAL
      ACME = ACME.LOCAL
   [libdefaults]
      default_realm = ACME.LOCAL
      dns_lookup_kdc = true
      dns_lookup_realm = true
   [logging]
   [realms]
      ACME.LOCAL = {
      kdc = dc1.acme.local
      kdc = dc2.acme.local
      admin_server = dc1.acme.local
      default_domain = ACME.LOCAL       
   }      

5. Save this file in the packaging directory; for example:

   C:\ixiasoft-ccms\cms<version for path>\krb5.ini

   Where <version for path> is replaced by the current release version number without using punctuation.

6. Repeat this procedure for every Windows packaging directory that must support Kerberos.