Hi there,
I'm trying to set up Keycloak to use Kerberos with Active Directory.
But I'm not sure, I understand the Server Principal correctly.
Keycloak is running on a server, that is reachable under
keycloak.some.domain.com
The Kerberos Realm is
whatever.else.com
So is the Server Principal correctly specified as:
HTTP/keycloak.some.domain.com(a)whatever.else.com
Or more general HTTP/<CLIENT HOST>@<Kerberos Realm>
And is <Kerberos Realm> in the Server Principal always the same as stated
in "Kerberos Realm" in the admin ui?
And does case matter anywhere?
Greetings,
Malte