Installing and Configuring Kerberos Setup Service
E-14 AP-4131 Access Point Product Reference Guide
4. Enter the AP access range set the time and status information using the
Setup Start Time and Setup Expire Time pull-down menus.
5. Set the SNMP Setting.
6. Click Add when all the parameters have been entered.
After the AP initializes, the AP list view window displays the Connection
Events (APs successful in gaining access to KSS).
E.5 Implementing Kerberos without the KSS
Kerberos support is available for the AP-4131 access point without the use of
the KSS. This configuration requires Windows 2000 Server with SP2.
To configure Kerberos support without the KSS:
1. Install Active Directory, making the server a domain controller (preferably
a Primary Domain Controller).
Configuring an Additional Domain Controller requires the presence of a
PDC and synchronization of the user database. Choose defaults for
Domain Controller configuration if it is a PDC. Record the Domain name
as it would be needed for configuring the AP.
2. Enable DNS if no other DNS server is available on the network.
3. Enable network time services (Daytime or SNTP) on this server or another
networked server. The same server as the KDC server can be used.
From the Windows Control Panel, click Add/Remove Programs. Click
Add/Remove Windows Components, double-click Networking
Services, and select Simple TCP/IP Services. Click OK and Next. The
Win2k Server CD is required to add this component.
4. Create user accounts for the access points and Kerberos Clients. The
username for the access point user account should be the same as the
access point ESSID. Therefore, only one AP user account for each WLAN
(or ESSID) is required.
5. After creating each account, right-click on an account and click
properties. Click the Account tab. Select Do not require Kerberos
Pre-Authentication.