Configuring network authentication service on System D

 

You need to configure network authentication service on System D so that it matches the configuration settings on System A. To configure network authentication service, follow these steps:

  1. In iSeries™ Navigator, expand System D > Security .

  2. Right-click Network Authentication Service and select Configure to start the configuration wizard.

    After you have configured network authentication service, this option will be Reconfigure.

  3. Review the Welcome page for information about what objects the wizard creates. Click Next.

  4. On the Specify realm information page, enter MYCO.COM in the Default realm field and select Microsoft Active Directory is used for Kerberos authentication. Click Next.

  5. On the Specify KDC information page, enter kdc1.myco.com for the name of the Kerberos server for this realm in the KDC field and enter 88 in thePort field. Click Next.

  6. On the Specify password information page, select Yes to configure System D to point to the password server configured for the default realm. The password server has already been configured. It allows principals to change passwords on the Kerberos server. Enter kdc1.myco.com in the Password server field. The password server has the default port of 464. Click Next.

  7. On the Select keytab entries page, select i5/OS Kerberos Authentication. Click Next.

  8. On the Create i5/OS® keytab entry page, enter and confirm a password. For example, systemd123. Click Next.

  9. Optional: On the Create batch file page, select No.

  10. On the Summary page, review the network authentication service configuration details. Click Finish.

 

Parent topic:

Scenario: Propagating network authentication service configuration across multiple systems
Previous topic: Propagating system settings from the model system (System A) to System B and System C
Next topic: Adding the principals for endpoint systems to the Windows 2000 domain