/
Disable Kerberos for some users
Disable Kerberos for some users
- August Heltne
- Steinar Line
Owned by August Heltne
Kerberos authentication can be limited to to specific users, specific IP address ranges and/or User-Agents.
On this page as the screenshot below shows you can configure what user directories or for what groups the identity from Kerberos should be used. If a user is not in the specified directory or group it will not be logged in by Kerberos. This may be used for avoiding Kerberos logins for certain admin users or other users where you want other SSO mechanisms like SAML or OIDC to be easier available.
Another way of avoiding a Kerberos login is by adding ?nokerberos or ?nokerberosSession to the URL.
, multiple selections available,
Related content
Manage Kerberos access
Manage Kerberos access
More like this
Kerberos client failures
Kerberos client failures
Read with this
Secure windows authentication without passwords
Secure windows authentication without passwords
More like this
Kantega SSO Enterprise product documentation
Kantega SSO Enterprise product documentation
Read with this
User agent restrictions
User agent restrictions
More like this
Client IP restrictions
Client IP restrictions
More like this