5.3 Kerberos
To ensure that the AGW can communicate via Kerberos, it has to connect to the AD. To do this, the DC needs to be entered as the DNS under «Sys Config».
Figure 13: Join AD Domain
Once the AGW is connected, you can view it in the AD under «Computer». Please do not move the AGW. Simply activate the Kerberos delegation in the AGW's properties.
Figure 14: Activation of the delegation
An LDAP read only user is required to read out the OU attribute and AD group once the user has been successfully authenticated with the Kerberos ticket.
Figure 15: LDAP read only user