Powered by Zoomin Software. For more details please contactZoomin

Database Activity Monitoring User Guide

Source Type
Application Security
Data Security
Network Security
Application Performance
Product Versions
Hypervisor Installation
Document Type
Public Cloud
    Community Content Type
      Product Area
      This guide

      Automatically Obtain Kerberos Passwords

      Table of Contents

      Automatically Obtain Kerberos Passwords

       Automatically Obtain Kerberos Passwords

      This procedure describes how to configure access to the domain controller in order to extract Kerberos keys of machine accounts. To perform this procedure, you need to know the credentials of a user with admin permissions for the active directory.

      To configure SecureSphere to access the domain controller:

      1. On the Kerberos tab, enable the Using Kerberos option.

      2. Fill in the fields for the Automatically obtain passwords from domain controller option.
        • IP: Enter the IP address of your Windows domain controller.
        • User: Enter the domain and name of a user with admin permissions for the active directory.
        • Password: Type the password for the user.
        • Verify Password: Retype the password.
      3. Click Save. Do one or both of the following:
        • To immediately extract Kerberos keys from the domain controller, click Run Now.
        • To schedule Kerberos key extraction, expand the Not Scheduled link.

        • To schedule one extraction, select Once and then select the date and the time.
        • To schedule recurring extractions, select Recurring and then select the frequency (Daily, Weekly, or Monthly), the start date, and the time.

      4. Click Save in the upper right of the screen. Your settings are saved.
      5. (Recommended) After you configure Kerberos, disable the Automatic Machine Account Password Changes Windows feature. For more information, see (Recommended) Disabling Automatic Machine Account Password Change.

        Note: When SecureSphere successfully obtains Kerberos keys from the domain controller, the keys are added to the Kerberos Keys table. For more information, see Managing Kerberos Keys.

      Was this topic helpful?