E.5 implementing kerberos without the kss – Symbol Technologies Spectrum24 AP-4131 User Manual

Installing and Configuring Kerberos Setup Service

E-14

AP-4131 Access Point Product Reference Guide

4. Enter the AP access range set the time and status information using the

Setup Start Time

and

Setup Expire Time

pull-down menus.

5. Set the SNMP Setting.

6. Click

Add

when all the parameters have been entered.

After the AP initializes, the AP list view window displays the

Connection

Events

(APs successful in gaining access to KSS).

E.5 Implementing Kerberos without the KSS

Kerberos support is available for the AP-4131 access point without the use of
the KSS. This configuration requires Windows 2000 Server with SP2.

To configure Kerberos support without the KSS:

1. Install Active Directory, making the server a domain controller (preferably

a Primary Domain Controller).
Configuring an Additional Domain Controller requires the presence of a
PDC and synchronization of the user database. Choose defaults for
Domain Controller configuration if it is a PDC. Record the Domain name
as it would be needed for configuring the AP.

2. Enable DNS if no other DNS server is available on the network.

3. Enable network time services (Daytime or SNTP) on this server or another

networked server. The same server as the KDC server can be used.
From the Windows Control Panel, click

Add/Remove Programs

. Click

Add/Remove Windows Components

, double-click

Networking

Services

, and select

Simple TCP/IP Services

. Click

OK

and

Next

. The

Win2k Server CD is required to add this component.

4. Create user accounts for the access points and Kerberos Clients. The

username for the access point user account should be the same as the
access point ESSID. Therefore, only one AP user account for each WLAN
(or ESSID) is required.

5. After creating each account, right-click on an account and click

properties. Click the

Account

tab. Select

Do not require Kerberos

Pre-Authentication

.