You must configure your browser
before you attempt to record Kerberos applications.
Before you begin
The client computer must be a member of the domain for which
single sign-on (SSO) has been defined.
Procedure
To configure Internet Explorer to use Simple and Protected
GSS-API Negotiation Mechanism (SPNEGO):
- Log on to Windows with a user ID for the domain for which SSO has been defined.
- Start Internet Explorer.
- Click .
- Click the Security tab.
- Define the site to authenticate to using Integrated Windows Authentication. Depending
on your enterprise policy, you define the site in either the Local intranet zone or the Trusted sites zone.
- To define the site in the Local intranet zone, select Local intranet. The instructions
that follow assume that you are defining the site in the Local intranet zone.
- To define the site in the Trusted sites zone, select Trusted sites. In the Security Settings for the Trusted sites, click Automatic logon with current username and password, not Automatic logon only in Intranet zone.
- Click Sites.
- Click Advanced.
- Type the URL for the hostname for which you want to enable
SSO. For example, type http://abc.ibm.com.
- Click Add.
- Click OK.
- Click OK again.
- Click the Advanced tab.
- Scroll down to Security, and select Enable Integrated
Windows Authentication (requires restart). This option is not available on Internet Explorer 5.5. Integrated Windows Authentication is always
enabled on Internet Explorer 5.5.
- Click OK.
- Restart Internet Explorer.