Configuring unconstrained delegated authentication for CCS
You need to configure unconstrained delegation only if your deployment contains a standalone installation of the Directory Server.
- To configure a service account with unconstrained delegation
- Identify the user accounts that you want to use as the service accounts for DSS and Application Server.
- Enable delegation for the Application Server’s service account. By default, the user is set toDo not trust this user for delegation.To enable a service account, in the user properties, go to theDelegationtab and select the option,Trust this user for delegation to any service (Kerberos only).
- After the product is installed, configure delegation for the Application Server in the following manner:
- In the CCS Console, go toSettings > System Topology > Map Viewor go toSettings > System Topology > Grid View.
- Select the Application Server component, and right-click onEdit Settings.
- In theEdit Settingsdialog box, select theApplication Server > Basicoption in the left pane.
- For theAuthentication typeoption, selectUse controlled delegation of security rightsin the right pane.
- ClickSave.
- Restart the DSS and the Application Server computer so that the delegation settings can take effect.