The keytab file should be already created on the Domain Controller for the Linux Host name (for the URL that the Employees will use to access the EPC 11 Web portal). It can be the Linux host name with the domain name suffix or it can be a DNS alias.

  1. Convert the keytab file to base64 string. To do this:
    1. Copy the keytab file to the Linux host
    2. Run the following command: base64 [keytab file] (ex. base64 epc10.keytab)
    3. Copy the resulting string from the SSH
  2. Login to the EPC 11 Web portal with epcadmin user (using compatible Chrome or Firefox browser)
  3. Navigate to System Admin page
  4. Switch to System Settings tab
  5. Edit the row for the variable PASSPORT_KERBEROS_KEYTAB and enter the following string:
    1. Data:;base64,[string generated for keytab]
    2. Replace [string generated for keytab] by the string that was generated in Linux based on the keytab file
  6. Edit the row for the variable PASSPORT_KERBEROS
    1. Replace in the variable string the server name (or alias) of the Linux server, should be the same as used to create the keytab file
  7. Edit the row for the variable PASSPORT_LDAP
    1. Replace in the variable string the domain name with the company domain values. For the username, use the same username as used to generate the keytab file.
  8. Edit the row for the variable PASSPORT_STRATEGY_TO_USE
    1. Set the value to KERBEROS
  9. Click on the button Copy Link and Apply Changes

Need more help with this?
Visit the Support Portal

Thanks for your feedback.