Description A local security policy set from the domain controller causes client-Kerberos failure on client machines. Product Any ExacqVision NVR Any client machines or third-party client machines Steps to Reproduce Integrate NVR to your domain controller using LDAPUse single sign on to authenticate on client machine Expected Results single sign on succeeds and you are… Continue reading Local security policy will cause client-side Kerberos failure
Tag: Kerberos
Troubleshooting Active Directory Error Messages
Error: “Client Side Kerberos Authentication Failed” Cause: The setspn command was not run on all Active Directory Servers, or there is a duplicate SPN. Solution: On the DC, run the setspn command as directed in the appropriate ExacqVision Active Directory setup guide, or run setspn -X to check for duplicates. If a duplicate is found,… Continue reading Troubleshooting Active Directory Error Messages
Windows Server & Client and OpenLDAP/Kerberos
The following process allows you to configure exacqVision permissions and privileges for accounts that exist on an OpenLDAP/Kerberos server:1. On the OpenLDAP/Kerberos server, ensure that your installed schema includes the following object types: inetOrgPerson (RFC 2798)organization (RFC 2256)krbPrincipalAux (provided by the Ubuntu krb5-kdc-ldap package) And at least 1 of the following opject types: groupOfNames (rfc… Continue reading Windows Server & Client and OpenLDAP/Kerberos
MacOS & Mac OS X Client and Active Directory/OpenLDAP/Kerberos
Configuration The following process allows you to configure ExacqVision permissions and privileges for accounts that exist on an Active Directory/OpenLDAP/Kerberos (directory) server. NOTE: On a Windows platform, the domain controller must run on Windows Server 2003 operating system or later. If the Active Directory functional level is Windows 2000 or earlier, you must select Password… Continue reading MacOS & Mac OS X Client and Active Directory/OpenLDAP/Kerberos