Create Kerberos Principal Accounts in Active Directory
Create Kerberos Principal Accounts in Active Directory
Create LDAP user accounts for the Kerberos principals in Active Directory. A Kerberos principal is a process, service, or user within the Kerberos realm.
If you set the default_tkt_enctypes property in the krb5.conf configuration file to the 128-bit or 256-bit AES encryption types, configure each account to use the corresponding encryption type in Active Directory.
The accounts that you create depend on whether you enable Kerberos at the node level or at the process level.
Account names can be a maximum of 20 characters in length.