Field | Description |
Server/Client | Choose Server or Client mode depending on whichever Kerberos authentication you are trying to debug. |
Keytab File Name | The name and location of the Server Key tab file. Refer to Configuring Kerberos for Use with TDV for instructions on how to create this file. The Domain Administrators are generally responsible for creating this file. While testing a Client Kerberos authentication, this field is not required. |
SPN | This is the Service Principal Name. You can get this from the Properties file. For Server authentication test, it is given in the form: HTTP/FullyQualified_HostName@Realm. For example, HTTP/krb5-win.sample.net@sample.NET For Client authentication test, it is of the form: HTTP@FullyQualified_HostName. For example, HTTP@krb5-win.sample.net |
Port number | In a Server mode, this will be the port that the Server will listen. In a Client mode, this is the Server port. |
Server Host | The host name/IP where TDV Server is running. If the server is running in your localhost, check the “Use localhost” option. This field is disabled when testing a Server. |
Kerberos Conf File | The Kerberos configuration file with the full path. For example, “c:\windows\system32\krb5.ini”. |
Username/Password | This is not required when testing the Server authentication. In a client mode, this is the Client authentication credentials (not the windows or the ticket-cache authentication). |
Use Cached Credentials | Check this option if you want to use the cached user credentials. |