Implementing WinRM connections between a Unix Agent Manager (FglAM) and remote Windows clients can require extra steps.
In an environment where the Agent Manager is deployed and running on a Linux host, the FglAM setup or configuration is not setup to generate a krb5.conf file. The file is required for a successful Kerberos Authentication between the Client (target/monitored host) and the FglAM Host.
The "krb5.conf"is crucial to the success to implement WinRM/Negotiate connections between a FglAM running UNIX and connecting to remote Windows clients using Kerberos authentication.
Correct documentation on exact steps to execute for successful WinRM/Negotiate connections between a FglAM running UNIX and connecting to remote Windows clients.
If WinRM used, a krb5.config file may need to be added to the Foglight Agent Manager (FglAM).
The KDC used in the krb5.config file will have to be a KDC for the domain that the Windows agent is in.
Assuming that the domain is domain.xyz the krb5.conf should be created with the following in it:
-------------------------------
[libdefaults]
default_realm = DOMAIN.XYZ
[realms]
DOMAIN.XYZ = {
kdc =
}
[domain_realm]
.domain.xyz = DOMAIN.XYZ
Where,
-----------------------------
2. Once the file is created the path to the file should be specified in the \state\default\config\fglam-config.xml.
/change path>/krb5.conf
3. Restart FglAM.
NOTE: FDOC-6781 has been included in the FglAM guide
© ALL RIGHTS RESERVED. Feedback Terms of Use Privacy Cookie Preference Center