/
Disable Kerberos for some users
Disable Kerberos for some users
Kerberos authentication can be limited to to specific users, specific IP address ranges and/or User-Agents.
On this page as the screenshot below shows you can configure what user directories or for what groups the identity from Kerberos should be used. If a user is not in the specified directory or group it will not be logged in by Kerberos. This may be used for avoiding Kerberos logins for certain admin users or other users where you want other SSO mechanisms like SAML or OIDC to be easier available.
Another way of avoiding a Kerberos login is by adding ?nokerberos or ?nokerberosSession to the URL.
, multiple selections available,
Related content
Manage Kerberos access
Manage Kerberos access
More like this
How Kerberos works
How Kerberos works
More like this
Kerberos setup wizard
Kerberos setup wizard
More like this
Kerberos client failures
Kerberos client failures
Read with this
Prevent traditional login
Prevent traditional login
More like this
Group memberships at login
Group memberships at login
More like this