<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en-us" xml:lang="en-us"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="security" content="public" /> <meta name="Robots" content="index,follow" /> <meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' /> <meta name="DC.Type" content="task" /> <meta name="DC.Title" content="Add a Kerberos server to a realm" /> <meta name="abstract" content="Add a Kerberos server to a realm using network authentication service." /> <meta name="description" content="Add a Kerberos server to a realm using network authentication service." /> <meta name="DC.Relation" scheme="URI" content="rzakhmanage.htm" /> <meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" /> <meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" /> <meta name="DC.Format" content="XHTML" /> <meta name="DC.Identifier" content="rzakhaddkdc" /> <meta name="DC.Language" content="en-us" /> <!-- All rights reserved. Licensed Materials Property of IBM --> <!-- US Government Users Restricted Rights --> <!-- Use, duplication or disclosure restricted by --> <!-- GSA ADP Schedule Contract with IBM Corp. --> <link rel="stylesheet" type="text/css" href="./ibmdita.css" /> <link rel="stylesheet" type="text/css" href="./ic.css" /> <title>Add a Kerberos server to a realm</title> </head> <body id="rzakhaddkdc"><a name="rzakhaddkdc"><!-- --></a> <!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script> <h1 class="topictitle1">Add a Kerberos server to a realm</h1> <div><p>Add a Kerberos server to a realm using network authentication service.</p> <div class="p"><p> As the network administrator, you can add a Kerberos server to a realm using network authentication service. Before you can add the Kerberos server to the realm, you need to know the name and the port on which it listens.</p> <p>To add a key distribution center to a realm, complete these steps:</p> </div> <ol><li class="stepexpand"><span>In iSeries™ Navigator, expand <span class="menucascade"><span class="uicontrol">your iSeries server</span> > <span class="uicontrol">Security</span> > <span class="uicontrol">Network Authentication Service</span> > <span class="uicontrol">Realms</span></span> .</span></li> <li class="stepexpand"><span>Right-click the name of the realm in the right pane and select <span class="uicontrol">Properties</span>.</span></li> <li class="stepexpand"><span>On the <span class="uicontrol">General</span> tab, enter the name of the Kerberos server that you want to add to this realm in the <span class="uicontrol">KDC</span> field. The Kerberos server is required for all realms. </span> For example, kdc2.myco.com might be a valid entry.</li> <li class="stepexpand"><span>Enter the port number on which the Kerberos server listens for requests. A valid port number can be 1-65535. The default port for the Kerberos server is 88.</span> </li> <li class="stepexpand"><span>Click <span class="uicontrol">Add</span>. The new Kerberos server will appear in the <span class="uicontrol">Key Distribution Center (KDC) for this realm</span> list.</span></li> <li class="stepexpand"><span>Click <span class="uicontrol">OK</span>.</span></li> </ol> </div> <div> <div class="familylinks"> <div class="parentlink"><strong>Parent topic:</strong> <a href="rzakhmanage.htm" title="Manage network authentication service by requesting tickets, working with key table files, and administering host name resolution. You can also work with credentials files and back up configuration files.">Manage network authentication service</a></div> </div> </div> </body> </html>