SAS Grid Manager and Kerberos Authentication
|
|
- Shana Merritt
- 6 years ago
- Views:
Transcription
1 SAS Grid Manager and Kerberos Authentication Learn the considerations for implementing Kerberos authentication so you can submit workload to SAS Grid Manager.
2 SAS Grid Manager and Kerberos Authentication SAS Webinar Presenters Rob Collum Principal Technical Architect, SAS Edoardo Riva Principal Technical Architect, SAS Stuart Rogers Architecture and Security Lead, SAS
3 SAS Grid Manager and Kerberos Authentication Welcome!
4 SAS Grid Manager with Kerberos Four Paths to Submit Jobs
5 PATH #1: Request TGT: Three Cases Grid-launched workspace servers Auto 1. Using user/password for authentication, the SAS Object Spawner calls kinit to create a Kerberos credential cache and sets KRB5CCNAME to specify the path to it for use by LSF - Using a specific name /tmp/krb5cc_sasgrid_<user>_* - You must set the SAS_GRID_USE_KERBEROS environment variable for this to occur Auto 2. Using IWA/SSPI for authentication, the SAS Object Spawner writes the credentials to a credential cache and sets KRB5CCNAME to specify the path to it for use by LSF - Using a specific name /tmp/krb5cc_sasgrid_<user>_* SAS Object Spawner-launched workspace servers Config 3. Code required in the script WorkspaceServer_usermods.sh - To find Kerberos credentials (created by PAM if SASAUTH is configured for PAM) or call kinit to create a Kerberos credential cache - And then set KRB5CCNAME to specify the path to that credential cache
6 PATH #1: Propagate TGT When the job is submitted by the Object Spawner, LSF copies the credentials pointed to by KRB5CCNAME to the LSF shared directory to keep it renewed. LSF must be configured as per documentation See Using Kerberos Authentication in a Grid Environment in Grid Computing in SAS 9.4, Fifth Edition More on this later
7 PATH #1: Propagate TGT LSF starts a job and copies the credential cache to the execution machine as /tmp/lsf_krb5cc_<job_id>.0.
8 PATH #1: Use TGT Now the SAS Workspace Server has KRB5CCNAME set to a cache that is a renewed copy of the credential cache created on the Object Spawner machine. Kerberos tickets are available in order for downstream SAS processes to authenticate to external resources.
9 PATH #2: Request TGT SASGSUB does not request a Ticket-Granting Ticket User Ticket must be available to the operating system session - Kinit or possibly SSH auto-generates a ticket The Environment Variable KRB5CCNAME must point to the credentials cache (the most reliable approach) The Environment Variable LSF_FULL_VERSION must be set to Should already be set by the installer or lsf.profile If not set Kerberos authentication fails
10 PATH #2: Propagate TGT When the job is submitted by SASGSUB, LSF copies the credentials pointed to by KRB5CCNAME to the LSF shared directory to keep it renewed. LSF must be configured as per documentation See Using Kerberos Authentication in a Grid Environment in Grid Computing in SAS 9.4, Fifth Edition More on this later
11 PATH #2: Propagate TGT LSF starts a job and copies the credential cache to the execution machine as /tmp/lsf_krb5cc_<job_id>.0.
12 PATH #2: Use TGT The corresponding SAS Batch Execution job must be Kerberos aware (if needed) Able to make use of the TGT from the ticket cache Ticket cache identified by KRB5CCNAME environment variable
13 PATH #3: Request TGT Grid-enabled signon of SAS/CONNECT does not request a Ticket-Granting Ticket User Ticket should be available to operating system session (kinit or ssh) - Identified by the KRB5CCNAME environment variable The Environment Variable LSF_FULL_VERSION must be set to Should already be set by the installer or lsf.profile If not set Kerberos authentication fails
14 PATH #3: Propagate TGT When the job is submitted by the Grid-Enabled SAS/CONNECT Client, LSF copies the credentials pointed to by KRB5CCNAME to the LSF shared directory to keep it renewed. LSF must be configured as per documentation See Using Kerberos Authentication in a Grid Environment in Grid Computing in SAS 9.4, Fifth Edition More on this later
15 PATH #3: Propagate TGT LSF starts a job and copies the credential cache to the execution machine as /tmp/lsf_krb5cc_<job_id>.0.
16 PATH #3: Use TGT Now the SAS Grid Server has KRB5CCNAME set to a cache that is a renewed copy of the credential created on the SAS/CONNECT Client machine. Kerberos tickets are available in order for SAS processes to authenticate to external resources.
17 Config Process Manager PATH #4: Request TGT User/password login: the Platform Process Manager Server initializes the credentials via PAM Platform Process Manager periodically renews the credentials Uses the LSF Master configuration to define how often credentials are renewed Can only renew up to Kerberos max lifetime - To schedule beyond this time period a Kerberos keytab should be used to provide credentials
18 PATH #4: Propagate TGT When the job is scheduled to run Platform Process Manager Server forwards the ticket to LSF Master LSF must be configured as per documentation See Using Kerberos Authentication in a Grid Environment in Grid Computing in SAS 9.4, Fifth Edition More on this later
19 PATH #4: Propagate TGT LSF starts a job and copies the credential cache to the execution machine as /tmp/lsf_krb5cc_<job_id>.0.
20 PATH #4: Use TGT Now the SAS Batch Server has KRB5CCNAME set to a cache that is a renewed copy of the credential created on the Platform Process Manager Server machine. Kerberos tickets are available in order for SAS processes to authenticate to external resources.
21 SAS Grid Manager with Kerberos Authentication ALL PATHS: Configuring LSF Master to Propagate TGT The Kerberos key distribution center (KDC) and the client configuration must allow ticket forwarding. In the lsf.conf file, specify the parameter LSB_KRB_TGT_FWD=Y Ensure that the required krb5 libs (libkrb5.so, libcom_err.so, libk5crypto.so, and libkrb5support.so) are in the default directories, or use LSB_KRB_LIB_PATH= to specify where they are. In the lsf.conf file, also specify any of these optional parameters: LSB_KRB_CHECK_INTERVAL LSB_KRB_RENEW_MARGIN LSB_KRB_TGT_DIR specifies the time interval for TGT checking; default value is 15 minutes specifies the amount of time that elapses before the TGT is renewed; default value is 1 hour specifies where to store the TGT on the execution host; default value is /tmp
22 SAS Grid Manager with Kerberos Authentication ALL PATHS: Additional Considerations Kerberos ticket forwarding using LSF works well on Linux & UNIX platforms Job submission with Kerberos is not supported on Windows Kerberos Tickets must be forwardable This allows for authentication forwarding without requiring a password to be typed in again The Kerberos Ticket-Granting Ticket must be address-less to ensure ticket forwarding works correctly This is the default setting for Microsoft Active Directory and MIT Kerberos
23 SAS Grid Manager with Kerberos Authentication ALL PATHS: Troubleshooting Enable Kerberos debugging SAS Object Spawner update $SASCFG/$LEV/ObjectSpawner/logconfig.xml - App.tk.tkegrid logger, with Trace or Debug - Audit.Authentication logger, with Trace or Debug LSF update $LSFTOP/conf/lsf.conf add the following LSB_LOG_MASK=LOG_DEBUG LSB_DEBUG_CMD="LC2_KRB" LSB_CMD_LOGDIR=logging_directory LSF_LOG_MASK=LOG_DEBUG LSF_DEBUG_CMD="LC2_KRB" LSF_CMD_LOGDIR=logging_directory SAS Technical Support, support.sas.com, (U.S. and Canada) and outside the U.S., contact your local SAS office.
24 SAS Grid Manager with Kerberos Authentication References Grid Computing in SAS 9.4, Fifth Ed. SAS 9.4 Intelligence Platform: Security Administration Guide, Third Ed. IBM Administering Platform LSF IBM Administering Platform Process Manager
25 Q&A Please submit your questions in the Q&A window
26 SAS Grid Manager Resources Watch it On Demand!
27 @SASSoftware, #SASGrid SAS Software, SASUsersgroup SASSoftware SAS, SAS Users Group communities.sas.com blogs.sas.com/content
28
29 Thank you
SAS Certified Deployment and Implementation Specialist for SAS Grid Manager 9.4
Sample Questions The following sample questions are not inclusive and do not necessarily represent all of the types of questions that comprise the exams. The questions are not designed to assess an individual's
More informationUsing Two-Factor Authentication to Connect to a Kerberos-enabled Informatica Domain
Using Two-Factor Authentication to Connect to a Kerberos-enabled Informatica Domain Copyright Informatica LLC 2016, 2018. Informatica LLC. No part of this document may be reproduced or transmitted in any
More informationDocument Type: Best Practice
Global Architecture and Technology Enablement Practice Hadoop with Kerberos Deployment Considerations Document Type: Best Practice Note: The content of this paper refers exclusively to the second maintenance
More informationSubversion Plugin HTTPS Kerberos authentication
Subversion Plugin HTTPS Kerberos authentication Introduction Prerequisites Configure the Oracle JRE with Java Cryptography Extension (JCE) Server certificates Prepare and test the domain account Linux
More informationKerberos and NFS4 on Linux. isginf Workshop
Kerberos and NFS4 on Linux isginf Workshop Stefan Walter 13.03.18 1 Welcome First workshop we organize! Background info and three practical labs Goal is to show you how to get NFS4 with Kerberos working
More informationKerberos & HPC Batch systems. Matthieu Hautreux (CEA/DAM/DIF)
Kerberos & HPC Batch systems Matthieu Hautreux (CEA/DAM/DIF) matthieu.hautreux@cea.fr Outline Kerberos authentication HPC site environment Kerberos & HPC systems AUKS From HPC site to HPC Grid environment
More informationScheduling in SAS 9.4, Second Edition
Scheduling in SAS 9.4, Second Edition SAS Documentation September 5, 2017 The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2016. Scheduling in SAS 9.4, Second Edition.
More informationMIT Kerberos & Red Hat
MIT Kerberos & Red Hat Past, Present and Future Dmitri Pal Sr. Engineering Manager, Red Hat Inc. October 2012 Agenda MIT Kerberos and Red Hat involvement Project details Future plans Context Red Hat has
More informationKey Requirements for SAS Grid Users Paper
Key Requirements for SAS Grid Users Paper 7140-2016 ABSTRACT Considering the fact that SAS Grid Manager is becoming more and more popular, it is important to fulfill the user's need for a successful migration
More informationGrid Computing in SAS 9.4
Grid Computing in SAS 9.4 SAS Documentation The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2013. Grid Computing in SAS 9.4. Cary, NC: SAS Institute Inc. Grid Computing
More informationUnderstanding the Local KDC
Appendix C Understanding the Local KDC The local Key Distribution Center (LKDC) facilitates single sign-on for Apple Filing Protocol (AFP) file sharing and screen sharing, and although it is outside the
More informationNovell Kerberos Login Method for NMASTM
Novell Kerberos Login Method for NMASTM 1.0 ADMINISTRATION GUIDE www.novell.com Legal Notices Novell, Inc. makes no representations or warranties with respect to the contents or use of this documentation,
More informationUsing Shared Accounts in Kerberized Hadoop Clusters with SAS : How Can I Do That?
Paper 1168-2017 Using Shared Accounts in Kerberized Hadoop Clusters with SAS : How Can I Do That? Michael Shealy, Cached Consulting, LLC ABSTRACT Using shared accounts to access third-party database servers
More informationScheduling in SAS 9.2
Scheduling in SAS 9.2 The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2009. Scheduling in SAS 9.2. Cary, NC: SAS Institute Inc. Scheduling in SAS 9.2 Copyright 2009,
More informationNicolas Williams Staff Engineer Sun Microsystems, Inc.
Deploying Secure NFS Nicolas Williams Staff Engineer Sun Microsystems, Inc. nicolas.williams@sun.com Page 1 of Secure NFS Background A Brief History Protocol In the beginning, no security AUTH_SYS, AUTH_NONE
More informationGrid Computing in SAS 9.4, Fifth Edition
Grid Computing in SAS 9.4, Fifth Edition SAS Documentation September 12, 2017 The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2017. Grid Computing in SAS 9.4, Fifth
More informationSAS Viya 3.3 Administration: Authentication
SAS Viya 3.3 Administration: Authentication Authentication: Overview...................................................................... 1 Authentication: How To........................................................................
More informationEffective Usage of SAS Enterprise Guide in a SAS 9.4 Grid Manager Environment
Paper SAS375-2014 Effective Usage of SAS Enterprise Guide in a SAS 9.4 Grid Manager Environment Edoardo Riva, SAS Institute Inc., Cary, NC ABSTRACT With the introduction of new features in SAS 9.4 Grid
More informationSAS Viya 3.4 Administration: Authentication
SAS Viya 3.4 Administration: Authentication Authentication: Overview...................................................................... 2 Authentication Options.......................................................................
More informationUpdates from MIT Kerberos
27 March, 2014 krb5-1.9 krb5-1.10 Ancient History krb5-1.9 krb5-1.10 krb5-1.11 features krb5-1.12 features krb5-1.9 krb5-1.10 Features released before EAKC 2012 krb5 1.9 December 2010 krb5 1.10 January
More informationGrid Computing in SAS 9.2. Second Edition
Grid Computing in SAS 9.2 Second Edition The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2009. Grid Computing in SAS 9.2, Second Edition. Cary, NC: SAS Institute Inc.
More informationHow to Connect to a Microsoft SQL Server Database that Uses Kerberos Authentication in Informatica 9.6.x
How to Connect to a Microsoft SQL Server Database that Uses Kerberos Authentication in Informatica 9.6.x Copyright Informatica LLC 2015, 2017. Informatica Corporation. No part of this document may be reproduced
More informationKerberos User Guide. Release 1.13 MIT
Kerberos User Guide Release 1.13 MIT CONTENTS 1 Password management 1 1.1 Changing your password......................................... 1 1.2 Granting access to your account.....................................
More informationKerberos and Active Directory symmetric cryptography in practice COSC412
Kerberos and Active Directory symmetric cryptography in practice COSC412 Learning objectives Understand the function of Kerberos Explain how symmetric cryptography supports the operation of Kerberos Summarise
More informationSSH with Globus Auth
SSH with Globus Auth Summary As the community moves away from GSI X.509 certificates, we need a replacement for GSI-OpenSSH that uses Globus Auth (see https://docs.globus.org/api/auth/ ) for authentication.
More informationConfiguring Kerberos
Kerberos is a secret-key network authentication protocol, developed at the Massachusetts Institute of Technology (MIT), that uses the Data Encryption Standard (DES) cryptographic algorithm for encryption
More informationHenry B. Hotz Jet Propulsion Laboratory California Institute of Technology. Kerberos 5 Upgrade
JPL's Jet Propulsion Laboratory California Institute of Technology Overview Preparation Requirements and Testing MIT/KTH (Heimdal) Tradeoff Doing the upgrade Follow-on Migrating clients New/Additional
More informationInstallation and Configuration Guide Simba Technologies Inc.
Simba Spark ODBC Driver with SQL Connector Installation and Configuration Guide Simba Technologies Inc. Version 1.2.5 August 4, 2017 Copyright 2017 Simba Technologies Inc. All Rights Reserved. Information
More informationInstallation and Configuration Guide Simba Technologies Inc.
Simba Hive ODBC Driver with SQL Connector Installation and Configuration Guide Simba Technologies Inc. Version 2.1.10 March 23, 2017 Copyright 2017 Simba Technologies Inc. All Rights Reserved. Information
More informationTIBCO Spotfire Connecting to a Kerberized Data Source
TIBCO Spotfire Connecting to a Kerberized Data Source Introduction Use Cases for Kerberized Data Sources in TIBCO Spotfire Connecting to a Kerberized Data Source from a TIBCO Spotfire Client Connecting
More informationSecurity and Privacy in Computer Systems. Lecture 7 The Kerberos authentication system. Security policy, security models, trust Access control models
CS 645 Security and Privacy in Computer Systems Lecture 7 The Kerberos authentication system Last Week Security policy, security models, trust Access control models The Bell-La Padula (BLP) model The Biba
More informationLikewise Open provides smooth integration with Active Directory environments. We show you how to install
Open provides smooth integration with Active Directory environments. We show you how to install and configure the admin-friendly authentication system. BY WALTER NEU he Open authentication system [1] integrates
More informationConfiguring Kerberos
Configuring Kerberos Last Updated: January 26, 2012 Finding Feature Information, page 1 Information About Kerberos, page 1 How to Configure Kerberos, page 5 Kerberos Configuration Examples, page 13 Additional
More informationHow to Integrate an External Authentication Server
How to Integrate an External Authentication Server Required Product Model and Version This article applies to the Barracuda Load Balancer ADC 540 and above, version 5.1 and above, and to all Barracuda
More informationFreeIPA - Control your identity
FreeIPA - Control your identity LinuxAlt 2012 Martin Košek, Sr. Software Engineer, Red Hat Nov 3 rd, 2012 This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike
More informationIBM BigInsights BigIntegrate and BigQuality: IBM InfoSphere Information Server on Hadoop Deployment and Configuration Guide
IBM BigInsights BigIntegrate and BigQuality: IBM InfoSphere Information Server on Hadoop Deployment and Configuration Guide IBM BigInsights BigIntegrate and BigQuality allow for IBM InfoSphere Information
More informationKerberos-enabled applications. Core services for UNIX shell programs and applications. Kerberos environment. Centrify DirectControl Service Library
Understanding Centrify DirectControl Agents The Centrify DirectControl Agent makes a UNIX, Linux, or Mac OS X computer look and behave like a Windows client computer to Active Directory. The Centrify DirectControl
More informationInstallation and Configuration Guide Simba Technologies Inc.
Simba Hive ODBC Driver with SQL Connector Installation and Configuration Guide Simba Technologies Inc. Version 2.6.1 August 3, 2018 Copyright 2018 Simba Technologies Inc. All Rights Reserved. Information
More informationOverview of Kerberos(I)
Overview of Kerberos(I) Network Authentication Protocol for C/S application based on symmetric cryptosystem TTP authentication service Based on secret key, single login Part of MIT's project Athena (public
More informationIdentity Management In Red Hat Enterprise Linux. Dave Sirrine Solutions Architect
Identity Management In Red Hat Enterprise Linux Dave Sirrine Solutions Architect Agenda Goals of the Presentation 2 Identity Management problem space What Red Hat Identity Management solution is about?
More informationOVERVIEW OF THE SAS GRID
OVERVIEW OF THE SAS GRID Host Caroline Scottow Presenter Peter Hobart MANAGING THE WEBINAR In Listen Mode Control bar opened with the white arrow in the orange box Copyr i g ht 2012, SAS Ins titut e Inc.
More informationInstallation and Configuration Guide Simba Technologies Inc.
Simba Impala ODBC Driver with SQL Connector Installation and Configuration Guide Simba Technologies Inc. Version 1.2.16 October 31, 2017 Copyright 2017 Simba Technologies Inc. All Rights Reserved. Information
More informationUser Authentication Principles and Methods
User Authentication Principles and Methods David Groep, NIKHEF User Authentication - Principles and Methods 1 Principles and Methods Authorization factors Cryptographic methods Authentication for login
More informationIBM IBM Tivoli Monitoring Express V6.1 Specialist. Download Full Version :
IBM 000-887 IBM Tivoli Monitoring Express V6.1 Specialist Download Full Version : https://killexams.com/pass4sure/exam-detail/000-887 QUESTION: 88 Which two options for log files for tracing the Warehouse
More informationLinux with Active Directory
Microsoft s Active Directory system provides centralized user management and single sign-on. If you re ready for a few manual steps, Linux can leverage this potential. BY WALTER NEU n many enterprises,
More informationSAS Viya 3.3 Administration: Identity Management
SAS Viya 3.3 Administration: Identity Management Identity Management Overview................................................................. 2 Getting Started with Identity Management......................................................
More informationUser Security Configuration Guide, Cisco IOS XE Fuji 16.8.x (Cisco ASR 920 Routers)
User Security Configuration Guide, Cisco IOS XE Fuji 16.8.x (Cisco ASR 920 Routers) Configuring Kerberos 2 Finding Feature Information 2 Prerequisites for Configuring Kerberos 2 Information About Configuring
More informationKerberos. Pehr Söderman Natsak08/DD2495 CSC KTH 2008
Kerberos Pehr Söderman Pehrs@kth.se Natsak08/DD2495 CSC KTH 2008 Project Athena Started 1983 at MIT 10 000 workstations 1000 servers Unified enviroment Any user, any workstation, any server, anywhere...
More informationHardware Tokens in META Centre
MWSG meeting, CERN, September 15, 2005 Hardware Tokens in META Centre Daniel Kouřil kouril@ics.muni.cz CESNET Project META Centre One of the basic activities of CESNET (Czech NREN operator); started in
More informationAAI-SSO with Active Directory. Kerberos Login Handler
AAI-SSO with Active Directory Kerberos Login Handler Project Overview One of FHNW s AAA projects Use case: SSO for AAI Applications with Active Directory domain logins Project goal: Development of a Kerberos
More informationSAS. Installation Guide Fifth Edition Intelligence Platform
SAS Installation Guide Fifth Edition 9.1.3 Intelligence Platform The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2006. SAS 9.1.3 Intelligence Platform: Installation
More informationConfiguring Integrated Windows Authentication for IBM WebSphere with SAS 9.2 Web Applications
Configuring Integrated Windows Authentication for IBM WebSphere with SAS 9.2 Web Applications Copyright Notice The correct bibliographic citation for this manual is as follows: SAS Institute Inc., Configuring
More informationWeb-based secure high performance remote visualization
Journal of Physics: Conference Series Web-based secure high performance remote visualization To cite this article: R J Vickery et al 2006 J. Phys.: Conf. Ser. 46 545 View the article online for updates
More informationVeritas NetBackup for Hadoop Administrator's Guide
Veritas NetBackup for Hadoop Administrator's Guide UNIX, Windows, and Linux Release 8.1.1 Veritas Hadoop Administartor's Guide Last updated: 2018-05-10 Document version:netbackup 8.1.1 Legal Notice Copyright
More informationCentralized Authentication with Kerberos 5, Part I
1 of 8 6/18/2006 7:26 PM Centralized Authentication with Kerberos 5, Part I Alf Wachsmann Abstract Kerberos can solve your account administration woes. Account administration in a distributed UNIX/Linux
More informationTroubleshooting your SAS Grid Environment Jason Hawkins, Amadeus Software, UK
ABSTRACT A SAS Grid environment provides a highly available and resilient environment for your business. The challenge is that the more complex these environments become, the harder it can be to troubleshoot
More informationAll about SAML End-to-end Tableau and OKTA integration
Welcome # T C 1 8 All about SAML End-to-end Tableau and OKTA integration Abhishek Singh Senior Manager, Regional Delivery Tableau Abhishek Singh Senior Manager Regional Delivery asingh@tableau.com Agenda
More informationThe Kerberos Authentication Service
The Kerberos Authentication Service By: Cule Stevan ID#: 0047307 SFWR 4C03 April 4, 2005 Last Revision: April 5, 2005 Stevan Cule 0047307 SOFTWARE ENGINEERING 4C03 WINTER 2005 The Kerberos Authentication
More informationSSSD: FROM AN LDAP CLIENT TO SYSTEM SECURITY SERVICES DEAMON
SSSD: FROM AN LDAP CLIENT TO SYSTEM SECURITY SERVICES DEAMON ABOUT ME AND THE TALK I'm a developer working for Red Hat, mostly on SSSD Twitter: @JakubHrozek Github: https://github.com/jhrozek/fosdem2018
More informationIdentity Management Scaling Out and Up
Identity Management Scaling Out and Up Jan Pazdziora Principal Software Engineer Identity Management Engineering, Red Hat jpazdziora@redhat.com 15 th October 2014 Identity Users; user groups. Hosts; host
More informationData, Avdeling for ingeniørutdanning, Høgskolen i Oslo
Data, Avdeling for ingeniørutdanning, Text is Copyright 2010, Exponential Consulting, All rights reserved. These slides and the derived PDF file may be freely shared as long as they are unmodified and
More informationPentaho, Linux, and Microsoft Active Directory Authentication with Kerberos
Pentaho, Linux, and Microsoft Active Directory Authentication with Kerberos Change log (if you want to use it): Date Version Author Changes Contents Overview... 1 Before You Begin... 1 Setting Up the Domain
More informationSAS 9.3 Intelligence Platform
SAS 9.3 Intelligence Platform Installation and Configuration Guide SAS Documentation The correct bibliographic citation for this manual is as follows: SAS Institute Inc 2011. SAS 9.3 Intelligence Platform:
More informationRadius, LDAP, Radius, Kerberos used in Authenticating Users
CSCD 303 Lecture 5 Fall 2018 Radius, LDAP, Radius, Kerberos used in Authenticating Users Kerberos Authentication and Authorization Previously Said that identification, authentication and authorization
More informationRadius, LDAP, Radius used in Authenticating Users
CSCD 303 Lecture 5 Fall 2017 Kerberos Radius, LDAP, Radius used in Authenticating Users Introduction to Centralized Authentication Kerberos is for authentication only and provides Single Sign-on (SSO)
More informationSolving TWS Windows Job Run Issues
Solving TWS Windows Job Run Issues Michael T. Olivier July 16, 2014 2007 IBM Corporation 2 Overview TWS Concepts Unique to Windows Jobs Jobs That Don't Work (FAIL and ABEND) Jobs That Misbehave Stuck in
More informationImportant Notice Cloudera, Inc. All rights reserved.
Important Notice 2010-2017 Cloudera, Inc. All rights reserved. Cloudera, the Cloudera logo, and any other product or service names or slogans contained in this document, except as otherwise disclaimed,
More informationkeepalive (isakmp profile)
keepalive (isakmp profile) keepalive (isakmp profile) To allow the gateway to send dead peer detection (DPD) messages to the peer, use the keepalive command in Internet Security Association Key Management
More informationHP Operations Orchestration Software
HP Operations Orchestration Software Software Version: 7.50 Guide to Enabling Single Sign-on Document Release Date: March 2009 Software Release Date: March 2009 Legal Notices Warranty The only warranties
More informationKerberos Adapter for webmethods
Kerberos Adapter for webmethods Many webmethods programmers are familiar with the problem of authenticating from.net clients to a webmethods server. Sometimes this is solved by transferring authentication
More informationUsing the MyProxy Online Credential Repository
Using the MyProxy Online Credential Repository Jim Basney National Center for Supercomputing Applications University of Illinois jbasney@ncsa.uiuc.edu What is MyProxy? Independent Globus Toolkit add-on
More informationGSS Context Management for NFS: The NFS PAG. William A. (Andy) Adamson Connectathon 2014
GSS Context Management for NFS: The NFS PAG William A. (Andy) Adamson andros@netapp.com Connectathon 2014 1 The Problem GSS context is only destroyed on umount Context can be used even when Kerberos credentials
More informationSAS Viya 3.4 Administration: Logging
SAS Viya 3.4 Administration: Logging Logging: Overview............................................................................. 1 Logging: How To...............................................................................
More informationAUTHENTICATION APPLICATION
AUTHENTICATION APPLICATION WHAT IS KERBEROS? Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.
More informationTeradata ODBC Driver for Presto. Installation and Configuration Guide
Teradata ODBC Driver for Presto Installation and Configuration Guide Version 1.1.16 December, 2017 About This Guide About the Teradata Presto ODBC Driver Purpose The Teradata ODBC Driver for Presto Installation
More informationAcknowledgments. CSE565: Computer Security Lectures 16 & 17 Authentication & Applications
CSE565: Computer Security Lectures 16 & 17 Authentication & Applications Shambhu Upadhyaya Computer Science & Eng. University at Buffalo Buffalo, New York 14260 Lec 16.1 Acknowledgments Material for some
More informationSDC EMEA 2019 Tel Aviv
Integrating Storage Systems into Active Directory SDC EMEA 2019 Tel Aviv Volker Lendecke Samba Team / SerNet 2019-01-30 Volker Lendecke AD integration (2 / 16) Overview Active Directory Authentication
More informationCredential Management in the Grid Security Infrastructure. GlobusWorld Security Workshop January 16, 2003
Credential Management in the Grid Security Infrastructure GlobusWorld Security Workshop January 16, 2003 Jim Basney jbasney@ncsa.uiuc.edu http://www.ncsa.uiuc.edu/~jbasney/ Credential Management Enrollment:
More informationHigh-availability services in enterprise environment with SAS Grid Manager
ABSTRACT Paper 1726-2018 High-availability services in enterprise environment with SAS Grid Manager Andrey Turlov, Allianz Technology SE; Nikolaus Hartung, SAS Many organizations, nowadays, rely on services
More informationSAS Simulation Studio 14.1: User s Guide. Introduction to SAS Simulation Studio
SAS Simulation Studio 14.1: User s Guide Introduction to SAS Simulation Studio This document is an individual chapter from SAS Simulation Studio 14.1: User s Guide. The correct bibliographic citation for
More informationActive Directory Attacks and Detection
Active Directory Attacks and Detection #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos This talk is Based on Tim Madin
More informationTwelve Cluster Technologies Available in SAS 9.4
ABSTRACT Paper SAS415-2017 Twelve Cluster Technologies Available in SAS 9.4 Rob Collum, SAS Institute Inc. We are always looking for ways to improve the performance, efficiency, and availability of our
More informationWindows AD Single Sign On
Windows AD Single Sign On Firstly, let s define our server names and IPs (you must obviously adjust these and the commands below to reflect your server names and IPs: Step 1 Domain Name: DOMAIN (FQDN:
More informationKerberos and Single Sign On with HTTP
Kerberos and Single Sign On with HTTP Joe Orton Red Hat Overview Introduction The Problem Current Solutions Future Solutions Conclusion Introduction WebDAV: common complaint of poor support for authentication
More informationSAS High-Performance Analytics Infrastructure 3.5: Installation and Configuration Guide
SAS High-Performance Analytics Infrastructure 3.5: Installation and Configuration Guide SAS Documentation The correct bibliographic citation for this manual is as follows: SAS Institute Inc. 2016. SAS
More informationKerberos Introduction. Jim Binkley-
Kerberos Introduction Jim Binkley- jrb@cs.pdx.edu 1 outline intro to Kerberos (bark, bark) protocols Needham Schroeder K4 K5 miscellaneous issues conclusion 2 Kerberos history Kerberos came from MIT part
More informationNetwork Security: Kerberos. Tuomas Aura
Network Security: Kerberos Tuomas Aura Kerberos authentication Outline Kerberos in Windows domains 2 Kerberos authentication 3 Kerberos Shared-key protocol for user login authentication Uses passwords
More informationCloudera ODBC Driver for Apache Hive
Cloudera ODBC Driver for Apache Hive Important Notice 2010-2017 Cloudera, Inc. All rights reserved. Cloudera, the Cloudera logo, and any other product or service names or slogans contained in this document,
More informationIntegrating the RHCI Suite with IdM
Integrating the RHCI Suite with IdM INTRODUCTION Who are we? Chris Keller Solutions Architect Red Hat, Inc. Nathan Kinder Engineering Manager Red Hat, Inc. What is IdM? IdM Features Numerous Capabilities
More informationConfiguring Integrated Windows Authentication for JBoss with SAS 9.2 Web Applications
Configuring Integrated Windows Authentication for JBoss with SAS 9.2 Web Applications Copyright Notice The correct bibliographic citation for this manual is as follows: SAS Institute Inc., Configuring
More informationNFS on Steroids: Building Worldwide Distributed File System Gregory Touretsky Intel IT
NFS on Steroids: Building Worldwide Distributed File System Gregory Touretsky Intel IT Legal Notices This presentation is for informational purposes only. INTEL MAKES NO WARRANTIES, EXPRESS OR IMPLIED,
More informationWhite Paper. Fabasoft on Linux - Fabasoft Folio Web Management. Fabasoft Folio 2017 R1 Update Rollup 1
White Paper Fabasoft on Linux - Fabasoft Folio Web Management Fabasoft Folio 2017 R1 Update Rollup 1 Copyright Fabasoft R&D GmbH, Linz, Austria, 2018. All rights reserved. All hardware and software names
More informationZENworks 11 Support Pack 4 User Source and Authentication Reference. October 2016
ZENworks 11 Support Pack 4 User Source and Authentication Reference October 2016 Legal Notices For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions,
More informationreview of the potential methods
Mandatory iscsi Security review of the potential methods IPS Interim Meeting Nashua NH, May 01 2001 Ofer Biran Thanks to: IBM Research Lab in Haifa Bernard Aboba, David Black, Julian Satran, Steve Senum
More informationFreeIPA. Directory and authentication services the easy way. Christian Stankowic. Free and Open Source software Conference
FreeIPA Directory and authentication services the easy way Christian Stankowic www.stankowic-development.net Free and Open Source software Conference 21.08.2016 whoami Christian Stankowic Messer Information
More informationDoD Common Access Card Authentication. Feature Description
DoD Common Access Card Authentication Feature Description UPDATED: 20 June 2018 Copyright Notices Copyright 2002-2018 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP Technologies
More informationSAS 9.4 Intelligence Platform
SAS 9.4 Intelligence Platform Installation and Configuration Guide SAS Documentation The correct bibliographic citation for this manual is as follows: SAS Institute Inc 2013. SAS 9.4 Intelligence Platform:
More informationOpenAFS Unix Cache Manager Performance Mark Vitale AFS and Kerberos Best Practices Workshop 20 August 2015
OpenAFS Unix Cache Manager Performance Mark Vitale AFS and Kerberos Best Practices Workshop 20 August 2015 objectives Understand the performance characteristics of the OpenAFS
More informationCIS 6930/4930 Computer and Network Security. Topic 7. Trusted Intermediaries
CIS 6930/4930 Computer and Network Security Topic 7. Trusted Intermediaries 1 Trusted Intermediaries Problem: authentication for large networks Solution #1 Key Distribution Center (KDC) Representative
More informationWhat a difference a year makes
Status Report What a difference a year makes Its Faster Its Robust Its Manageable More than 90 changes since last workshop User Experience Improvements Support for Windows XP SP2 and 2003 Server SP1. SMB
More information