Note: There are some guidelines to be aware of when creating a trusted user. For further details, refer to the Create a LoadMaster Trusted User section.

To configure the server (outbound) SSO domain, follow the steps below in the LoadMaster Web User Interface (WUI):

  1. In the main menu, select Virtual Services > Manage SSO.

  2. In the Server Side Single Sign On Configurations section, enter the name of the Single Sign On (SSO) domain in the Name text box and click Add.

  3. Select Kerberos Constrained Delegation as the Authentication Protocol.
  4. Enter the Kerberos Realm address and click Set Kerberos realm. Click OK.
    Note: The Kerberos realm should be a name (not an IP address), such as kemptech.local. If an IP address is specified, authentication will not work. This field only accepts one name. Double quotes are not allowed in this field.
  5. Enter the address of the Kerberos Key Distribution Center and click Set Kerberos KDC. Click OK.
    Note: This field only accepts one Key Distribution Center.Double quotes are not allowed in this field.
  6. Enter the Kerberos Trusted User Name and click Set KCD trusted user name. Click OK.
    Note: Refer to the Create a LoadMaster Trusted User section of this document for some key requirements relating to this trusted user account.
    Note: Double and single quotes are not allowed in the Kerberos Trusted User Name field.
  7. Enter the Kerberos Trusted User Password and click Set KCD trusted user password. Click OK.