ZCS Administrator Guide 8.0
ZCS Administrator Guide 8.0
Network Edition


Zimbra LDAP Service > Kerberos5 Authentication Mechanism

Kerberos5 Authentication Mechanism
Kerberos5 Authentication Mechanism authenticates users against an external Kerberos server.
1.
Set the domain attribute zimbraAuthMech to kerberos5.
2.
Set the domain attribute zimbraAuthKerberos5Realm to the Kerberos5 realm in which users in this domain are created in the Kerberos database.
When users log in with an email password and the domain, zimbraAuthMech is set to kerberos5, the server constructs the Kerberos5 principal by {localpart-of-the-email}@{value-of-zimbraAuthKerberos5Realm} and uses that to authenticate to the kerberos5 server.
To specify Kerberos5 for an individual account set the account’s zimbraForeignPrincipal as kerberos5:{kerberos5-principal}. For example: kerberos5:user1@MYREALM.COM.
Copyright © 2012 VMware Inc.