6.9 Configuring Kerberos authentication support for LiveCycle ES3 Connector for Microsoft SharePoint

  1. Navigate to [LiveCycle root]/jboss/server/<profile>/conf.

  2. Open login-config.xml file for editing.

  3. Add following text to login-config.xml file:
    <application-policy name="LC_SP_CONNECTOR"> 
    <authentication> 
        <login-module code="com.sun.security.auth.module.Krb5LoginModule" flag="required"> </login-module> 
    </authentication> 
    </application-policy>
  4. Navigate to [LiveCycle root]/jboss/bin.

  5. Create a file named krb5.conf

  6. Modify following text according to your envrionment settings. Add modified text to krb5.conf file:

    [libdefaults] 
    default_realm = SP.COM 
    default_checksum = rsa-md5 
    [realms] 
    SP.COM = { 
    kdc = hostname.sp.com 
    } 
    [domain_realm] 
    .sp.com = SP.COM

    Note: You must ensure that,

    • SP.COM is replaced with the domain name in capital letters.

    • hostname.sp.com is replaced with fully qualified domain name of the domain controller and domain name is in small letters.

    • .sp.com with replaced with domain name in small letters prefixed with a period (.).

  7. Copy file addSpnego.mar from[LiveCycle root]/configurationManager/bin/Kerberos/modules/ to[LiveCycle root]/jboss /bin/modules/ directory.
    Note: If the directory named modules does not exists, create it.
  8. Restart JBoss Server to complete the configuration.