2.8 User Source Settings

You can use the User Source Settings panel to perform the following tasks on the ZENworks Server.

2.8.1 Kerberos Authentication

The User Source Settings panel lets you search for and select a keytab file used for Kerberos authentication. All Kerberos server machines need a keytab file to authenticate to the Key Distribution Center (KDC). The keytab file is an encrypted, local, on-disk copy of the host's key.

Before you can import the keytab file, you must set up a Kerberos service principal account and generate a keytab file for that account. For more information, see Kerberos (Active Directory or Domain Services for Windows).

To import the keytab file, click Browse icon to search for the file, then click OK.

After importing the keytab file, you can enable Kerberos authentication while adding a user source. To do so, click the Configuration tab, then click New in the User Sources panel to launch the Create New User Source Wizard. You can also enable Kerberos authentication on an existing user source. To do so, click the Configuration tab, click the user source, then click Edit next to Authentication Mechanisms in the General section.

2.8.2 Active Directory Settings

The Active Directory Settings panel lets you configure the range to search for Active Directory group memberships within a user container.

For example, assume that you have a user container named BLR that has the A, B, and C top-level groups and the following nested groups:

  • Group A has a nested group A1, A1 has a nested group A2, and A2 has a nested group A3.

  • Group B has a nested group B1, B1 has a nested group B2, and B2 has a nested group B3.

  • Group C has a nested group C1 and C1 has a nested group C2.

Select one of the following options:

  • Top-level groups only: Limits the search to within the top-level groups of the user container. For example, select this option if you want the search to be performed only in the A, B, and C top-level groups and not in the nested groups (A1, A2, A3, B1, B2, B3,C1, C2).

  • Top-level groups and all the nested groups: Searches within all the top-level groups and all the nested groups of the user container. For example, select this option if you want the search to be performed in the top-level groups (A, B, and C) and in all the nested groups (A1, A2, A3, B1, B2, B3,C1, C2).

  • Top-level groups and the nested group depth level upto: Lets you specify the nested group level to search. For example:

    • For the nested group depth level specified as1, the search is performed in all the top-level groups (A, B, and C) and in the A1, B1, and C1 nested groups.

    • For the nested group depth level specified as 2, the search is performed in all the top-level groups (A, B, and C) and in the A1, A2, B1, B2, C1, and C2 nested groups.

    • For the nested group depth level specified as 3, the search is performed in all the top-level groups (A, B, and C) and in the A1, A2, A3, B1, B2, B3, C1, and C2 nested groups.