You can use Kerberos authentication when you add a host.

About this task

The krb5.conf file contains the following information:

  • Kerberos configuration information

  • Locations of Key Distribution Centers (KDC) and administration servers for the Kerberos realms of interest

  • Default values for the current realm and for Kerberos applications

  • Mappings of host names onto Kerberos realms

Procedure

Create a krb5.conf file and save it to the following location.

Operating System

Path

Windows

C:\Program Files\Common Files\VMware\VMware vCenter Server - Java Components\lib\security\

Linux

/usr/java/jre-vmware/lib/security/

A krb5.conf file has the following structure:

[libdefaults] 
default_realm = YOURDOMAIN.COM 
udp_preference_limit = 1
[realms] 
YOURDOMAIN.COM = { 
kdc = kdc.yourdomain.com 
default_domain = yourdomain.com 
} 
[domain_realms] 
.yourdomain.com=YOURDOMAIN.COM
yourdomain.com=YOURDOMAIN.COM
Note:

The Kerberos authentication requires a Fully Qualified Domain Name (FQDN) host address.

Important:

When you add or modify the krb5.conf file, you must restart the Orchestrator server service.