Install Kerberos for Windows

Overview

Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications. It was created by the Massachusetts Institute of Technology (MIT). Kerberos for Windows installs Kerberos on your computer and configures it for use on the Stanford network. Stanford services that require Kerberos authentication include OpenAFS for Stanford.

Network Identity Manager (NIM) is the name of the user interface that manages your Kerberos authentication status. Your Kerberos credentials are established by logging into Network Identity Manager with your SUNet ID and password.

The Kerberos for Windows installer installs the the 64-bit version on 64-bit Windows operating systems and the 32-bit version on 32-bit Windows operating systems .

Installation instructions for 64-bit Kerberos for Windows

Download and run the Kerberos for Windows installer.
If existing production versions of Kerberos for Windows and OpenAFS are installed on your computer, the new Kerberos for Windows installer requires that you uninstall them first. If issues are found, a dialog box will display. Click Download Software Remove Tool, run the tool, select Kerberos for Windows and/or Stanford Open AFS and then click Remove. The program will then delete itself and restart your computer.
If you had to resolve issues, double-click the Kerberos for Windows installer file to run it. It's typically located in your Downloads folder or on your desktop.
Click Continue to start the installation.
After you install Kerberos for Windows you'll need to restart your computer for the configuration changes to take effect. Click Yes to restart now or No to restart later.

Obtain new credentials (authenticating with Kerberos) — 62-bit

Credentials are valid for 1 day and 1 hour (25 hours).

Click the Network Identity Manager icon in the notification area to open the Network Identity Manager application. Alternatively, you can open Network Identity Manager from your list of programs.
The Obtain new credentials window displays. If your username is listed as SUNet ID @stanford.edu, enter your SUNet ID password and click Finish.
If your SUNet ID @stanford.edu is not displayed, click the Kerberos Principal arrow and click Choose an identity.
Enter your SUNet ID @stanford.edu or @win.stanfor.edu, etc. and then click Next.
View the Kerberos v5 Credential Options and change any you wish. Then, click Next.
Enter the password for the username and then click Finish.

Installation instructions for 32-bit Kerberos for Windows

Download and run the Kerberos for Windows installer.
At the prompt, click Yes to continue with the installation.
At the Welcome window, click Next to continue.
Select the option to accept the terms of the license agreement and then click Next.
Choose Typical as the setup type and click Next if it is enabled.
If the Next button in the Setup Type window is disabled, you may need to close one or more running processes. Click Next to allow the Setup Wizard to close them for you.
Click Install to start the installation.
Click Finish to close the Setup Wizard.

Obtain new credentials (authenticating with Kerberos) — 32-bit

You will need to get Kerberos credentials before you can use applications requiring Kerberos authentication. If you open an application that requires Kerberos authentication and you do not have credentials, the New Credentials window opens automatically.

Tip: The New Credentials window may open behind that application's window. If your application appears to hang when you open it, check behind it see if you are being prompted to log in.

Click the Network Identity Manager icon in the system tray or open the Network Identity Manager application.
You will be prompted for your username, realm, and password. Enter the following information and then click OK:
- Username: your SUNet ID
- Realm: stanford.edu
- Password: your SUNet ID password
Credentials are valid for 1 day and 1 hour (25 hours).