Access to corporate resources from external computers requires secure authentication methods. This article explains how to configure One-Time Password pre-authentication.
In the previous article of this Kerberos Delegation series, you learned how to configure Kerberos Constrained Delegation. Today, I will discuss pre-authentication methods that are not based on Active Directory. Users can pre-authenticate using Windows Active Directory authentication, RADIUS OTP authentication, Certificate authentication or LDAP authentication, and even with PKI certificates.
In the example here, we will use a one-time password solution that provides a simple, user friendly and very secure solution that is ideal for securing access to corporate resources when used with Microsoft (TMG) and Kerberos Constrained Delegation. I will describe how Protocol Transition works with TMG, i.e. how you can authenticate users with one method and then pass the credentials to the backend using Kerberos.
… read more of Using TMG, one-time passwords and Kerberos Constrained Delegation
Author: Simon Simcic
Copyright © 2006-2011, 4sysops, Digital fingerprint: 3db371642e7c3f4fe3ee9d5cf7666eb0
View the full article
Using TMG, one-time passwords and Kerberos Constrained Delegation
No replies to this topic
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users