![]() |
AE Services provides the ability to authenticate users using an external server such as Microsoft Active Directory Services (ADS) or OpenLDAP. If you use ADS, you can implement it with or without Kerberos. This section provides a sample scenario for integrating AE Services with ADS using Kerberos.
In a configuration with ADS and Kerberos, ADS is the AE Services authentication authority, and AE Services users are authenticated against a Domain Controller. This method of authentication requires integrating the AE Server into ADS as a Kerberos client (using Kerberos5).
With this authentication method, AE Services users do not have access rights to the AE Services Management Console and cannot log into the AE Services Server (Linux).
If the security database is enabled, the AE Services user must also have an account administered in User Management.
The AE Services Server will authenticate using Kerberos5.
![]() | Note |
The time differential between the Domain Controller and the AE Services Server must be less than 2 minutes. |