To configure the VMware Identity Manager service to provide Kerberos authentication for desktops, you must join to the domain and enable Kerberos authentication on the connector.

1. In the VMware Identity Manager console Identity & Access Management tab, select Setup.
2. In the Worker column for the connector, click Auth Adapters.
3. Click KerberosIdpAdapter
   You are redirected to the identity manager sign-in page.
4. Click Edit in the KerberosldpAdapter row and configure the Kerberos authentication page.

   Option	Description
   Name	A name is required. The default name is KerberosIdpAdapter. You can change the name.
   Directory UID Attribute	Enter the account attribute that contains the user name.
   Enable Windows Authentication	Select Enable Windows Authentication to extend authentication interactions between users' browsers and VMware Identity Manager.
   Enable NTLM	Select Enable NTLM for NT LAN Manager (NTLM) protocol-based authentication only if your Active Directory infrastructure relies on NTLM authentication. Note: This option is only supported on Linux-based VMware Identity Manager.
   Enable Redirect	If multiple connectors are configured in a cluster and Kerberos is set up for high availability behind a load balancer, select Enable Redirect and specify a value for Redirect Host Name. If only one connector is deployed, you do not need to use the Enable Redirect and Redirect Host Name options.
   Redirect Host Name	A value is required if the Enable Redirect option is selected. Enter the connector's own hostname. For example, if the connector's host name is connector1.example.com, enter connector1.example.com in the text box.

5. Click Save.