Chapter 2 Configuration Tools
68
5. Set the Kerberos parameters to enable Kerberos
authentication.
The Kerberos password must match the Windows 2000 user
password for the Print Server. The administrator should choose
at least 9 alphanumeric characters with a combination of upper
and lower case.
The following is a suggestion for creating strong password for
computer security. Make sure the password:
• is at least seven characters long. The most secure
passwords are seven to 14 characters long.
• contains characters from each of the following groups:
letters (uppercase and lowercase), numerals, and symbols (all
characters not defined as letters or numerals, i.e., ! @ # $ % ^
& *, etc.)
The kname is default to “krbtgt” which is the default name used in
Windows 2000 KDC. It must be configured to match with the KDC if
the default is changed. The krealm is case sensitive; it must match
the Access Point’s realm.
The SSID of the Print Server must be configured to match the
Access Point’s SSID which also has Kerberos enabled. For
example, if a Windows 2000 user created the password
aBcd-12345 and the Access Point’s realm is set to
REALM.PRINTRONIX.COM, the following telnet commands are
used:
store kerberos password aBcd-12345
store kerberos config krealm REALM.IBM.COM
NOTE: If the Kerberos authentication fails, the user will not be able
to Telnet to the Print Server via the wireless LAN interface.
In this case, Telnet to the Print Server via the wired LAN
interface. It should display an error message indicating the
reason for the Kerberos authenticaion failure.