<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="reference" />
<meta name="DC.Title" content="Scenario: Use Kerberos authentication between Management Central servers" />
<meta name="abstract" content="Use the following scenario to become familiar with the prerequisites and objectives for using Kerberos authentication between Management Central servers." />
<meta name="description" content="Use the following scenario to become familiar with the prerequisites and objectives for using Kerberos authentication between Management Central servers." />
<meta name="DC.Relation" scheme="URI" content="rzakhscen.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_completeplanningworksheets.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_setcentralsystem.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_createmyco2systemgroup.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_collectsystemvalues.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_compareandupdatekerberos.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_restartmanagementcentral.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_addkerberosserviceprincipal.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_verifykerberosprincipal.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_allowtrustedconnections.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_repeatsteps4through6.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakhkerberosscenario_testauthenticationon.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakhscenmc2" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Scenario: Use Kerberos authentication between Management Central servers</title>
</head>
<body id="rzakhscenmc2"><a name="rzakhscenmc2"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Scenario: Use Kerberos authentication between Management Central servers</h1>
<div><p>Use the following scenario to become familiar with the prerequisites
and objectives for using Kerberos authentication between Management Central
servers.</p>
<div class="section"><h4 class="sectionscenariobar">Situation</h4><p>You are
a network administrator for a medium-sized parts manufacturer. You currently
manage four iSeries™ systems
using iSeries Navigator
on a client PC. You want your Management Central server jobs to use Kerberos
authentication instead of other authentication methods you have used in the
past, namely password synchronization.</p>
</div>
<div class="section"><h4 class="sectionscenariobar">Objectives</h4><p>In this
scenario, the goal for MyCo, Inc. is to use Kerberos authentication among
Management Central servers.</p>
</div>
<div class="section" id="rzakhscenmc2__details"><a name="rzakhscenmc2__details"><!-- --></a><h4 class="sectionscenariobar">Details</h4><p>The
following graphic shows the details for this scenario. </p>
<br /><img src="rzakh513.gif" longdesc="rzakh513_desc.htm" alt="Use Kerberos authentication between endpoint systems" /><br /><div class="p"><strong>iSeries A
- Model system and central system</strong><ul><li><span><img src="./delta.gif" alt="Start of change" />Runs i5/OS™ Version 5 Release 3 (V5R3) or later with the
following options and licensed products installed:<img src="./deltaend.gif" alt="End of change" /></span><ul><li>i5/OS Host
Servers (5722-SS1 Option 12)</li>
<li>iSeries Access
for Windows<sup>®</sup> (5722-XE1)</li>
<li><img src="./delta.gif" alt="Start of change" />Network Authentication Enablement (5722-NAE) if you are using
V5R4 or later<img src="./deltaend.gif" alt="End of change" /></li>
<li><img src="./delta.gif" alt="Start of change" />Cryptographic Access Provider (5722-AC3) if you are running
V5R3<img src="./deltaend.gif" alt="End of change" /></li>
</ul>
</li>
<li>i5/OS service
principal, krbsvr400/iseriesa.myco.com@MYCO.COM, and associated password have
been added to the keytab file.</li>
<li>Stores, schedules and runs synchronize setting tasks for each of the endpoint
systems.</li>
</ul>
</div>
<div class="p"><strong>iSeries B
- Endpoint system</strong><ul><li><img src="./delta.gif" alt="Start of change" />Runs i5/OS Version 5 Release 3 (V5R3) or later with the
following options and licensed products installed:<ul><li>i5/OS Host
Servers (5722-SS1 Option 12)</li>
<li>iSeries Access
for Windows (5722-XE1)</li>
<li>Network Authentication Enablement (5722-NAE) if you are using V5R4 or
later</li>
<li>Cryptographic Access Provider (5722-AC3) if you are running
V5R3</li>
</ul>
<img src="./deltaend.gif" alt="End of change" /></li>
<li>i5/OS service
principal, krbsvr400/iseriesb.myco.com@MYCO.COM, and associated password have
been added to the keytab file.</li>
</ul>
</div>
<div class="p"><strong>iSeries C
- Endpoint system</strong><ul><li><span><img src="./delta.gif" alt="Start of change" />Runs i5/OS Version 5 Release 4 (V5R4) with the following
options and licensed products installed:<img src="./deltaend.gif" alt="End of change" /></span><ul><li>i5/OS Host
Servers (5722-SS1 Option 12)</li>
<li>iSeries Access
for Windows (5722-XE1)</li>
<li><img src="./delta.gif" alt="Start of change" />Network Authentication Enablement (5722-NAE)<img src="./deltaend.gif" alt="End of change" /></li>
</ul>
</li>
<li>i5/OS service
principal, krbsvr400/iseriesc.myco.com@MYCO.COM, and associated password have
been added to the keytab file.</li>
</ul>
</div>
<div class="p"><strong>iSeries D
- Endpoint system</strong><ul><li><span><img src="./delta.gif" alt="Start of change" />Runs i5/OS Version 5 Release 3 (V5R3) or later with the
following options and licensed products installed:<img src="./deltaend.gif" alt="End of change" /></span><ul><li>i5/OS Host
Servers (5722-SS1 Option 12)</li>
<li>iSeries Access
for Windows (5722-XE1)</li>
<li><img src="./delta.gif" alt="Start of change" />Cryptographic Access Provider (5722-AC3)<img src="./deltaend.gif" alt="End of change" /></li>
</ul>
</li>
<li>i5/OS service
principal, krbsvr400/iseriesd.myco.com@MYCO.COM, and associated password have
been added to the keytab file.</li>
</ul>
</div>
<div class="p"><strong>Windows 2000 server</strong><ul><li>Operates as the Kerberos server for these systems.</li>
<li>The following i5/OS service principals have been added to the Windows 2000
server:<ul><li>krbsvr400/iseriesa.myco.com@MYCO.COM</li>
<li>krbsvr400/iseriesb.myco.com@MYCO.COM</li>
<li>krbsvr400/iseriesc.myco.com@MYCO.COM</li>
<li>krbsvr400/iseriesd.myco.com@MYCO.COM</li>
</ul>
</li>
</ul>
</div>
<p><strong>Client PC</strong></p>
<ul><li>Runs iSeries Access
for Windows (5722-XE1).</li>
<li>Runs iSeries Navigator
with the following subcomponents:<div class="note"><span class="notetitle">Note:</span> Only required for a PC used to administer
network authentication service.</div>
<ul><li>Network</li>
<li>Security</li>
</ul>
</li>
</ul>
<div class="note"><span class="notetitle">Note:</span> <img src="./delta.gif" alt="Start of change" />The KDC server name, <strong>kdc1.myco.com</strong>, and the
hostname, <strong>iseriesa.myco.com</strong>, are fictitious names used in this scenario.<img src="./deltaend.gif" alt="End of change" /></div>
</div>
<div class="section"><h4 class="sectionscenariobar">Prerequisites and assumptions</h4><ol><li>All system requirements, including software and operating system installation,
have been verified.<div class="p">To verify that the licensed programs have been installed,
complete the following:<ol type="a"><li>In iSeries Navigator,
expand <span class="menucascade"><span class="uicontrol">your iSeries server</span> &gt; <span class="uicontrol">Configuration
and Service</span> &gt; <span class="uicontrol">Software</span> &gt; <span class="uicontrol">Installed
Products</span></span>.</li>
<li>Ensure that all the necessary licensed programs are installed.</li>
</ol>
</div>
</li>
<li>All necessary hardware planning and setup have been completed.</li>
<li>TCP/IP and basic system security have been configured and tested on each
of these servers.</li>
<li>No one has changed the default settings in iSeries Navigator to stop the Task Status
window from opening when a task starts. To verify that the default setting
has not been changed, follow these steps:<ol type="a"><li>In iSeries Navigator,
right-click <span class="menucascade"><span class="uicontrol">your central system</span></span> and
select <span class="uicontrol">User Preferences</span>.</li>
<li>On the <span class="uicontrol">General</span> page, verify that <span class="uicontrol">Automatically
open a task status window when one of my tasks starts</span> is selected.</li>
</ol>
</li>
<li>This scenario is based on the assumption that network authentication service
has been configured on each system using the Synchronize Functions wizard
in iSeries Navigator.
This wizard propagates network authentication service configuration from a
model system to multiple target systems. See <a href="rzakhscenmc.htm#rzakhscenmc">Scenario: Propagate network authentication service configuration across multiple systems</a> for
details on how to use the Synchronize Functions wizard.</li>
</ol>
</div>
<div class="section"><h4 class="sectionscenariobar">Configuration steps</h4><p>To
configure Kerberos authentication between Management Central servers, perform
these steps.</p>
</div>
</div>
<div>
<ol>
<li class="olchildlink"><a href="rzakhkerberosscenario_completeplanningworksheets.htm">Complete the planning work sheets</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_setcentralsystem.htm">Set central system to use Kerberos authentication</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_createmyco2systemgroup.htm">Create MyCo2 system group</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_collectsystemvalues.htm">Collect system values inventory</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_compareandupdatekerberos.htm">Compare and update Kerberos settings in iSeries Navigator</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_restartmanagementcentral.htm">Restart Management Central server on the central system and target systems</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_addkerberosserviceprincipal.htm">Add Kerberos service principal to the trusted group file for each endpoint</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_verifykerberosprincipal.htm">Verify the Kerberos principals are added to the trusted group file</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_allowtrustedconnections.htm">Allow trusted connections for the central system</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_repeatsteps4through6.htm">Repeat Steps 4 through 6 for target systems</a><br />
</li>
<li class="olchildlink"><a href="rzakhkerberosscenario_testauthenticationon.htm">Test authentication on the endpoint systems</a><br />
</li>
</ol>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhscen.htm" title="Use these scenarios to learn about network authentication service.">Scenarios</a></div>
</div>
</div>
</body>
</html>