Kerberos clients are applications acting on behalf of users who need access to a resource, such as opening a file, querying a database, or printing a document. Every Kerberos client requests authentication before the resource is accessed. Once the client is recognized as trusted, a secure session between the client and the service hosting the resource is established.
Aspects
The following is a list of all aspects that are part of this managed entity:
| Name | Description |
|---|
KDC Certificate Availability | The Kerberos ticket exchange is encrypted from the Kerberos client to the Kerberos Key Distribution Center (KDC) by using a domain controller certificate, also known as the KDC certificate. |
Kerberos Client Configuration | If the client computers are joined to an Active Directory domain, the Kerberos client is configured to request ticket-granting tickets (TGTs) from the Kerberos Key Distribution Center (KDC) automatically. On successful receipt of the ticket, the Kerberos client caches the ticket on the local computer. |
Kerberos Smart Card Configuration | The Kerberos client can be configured to use smart card authentication for user accounts on an organization's network. |
Stored Password Configuration | A user account's password or personal identification number (PIN) can be stored on the local computer, which allows the user to log on to the computer without entering a password or PIN. |
Related Management Information
Core Security