Kerberos authentication provides users who are successfully signed in to their Active Directory domain to access their apps portal without additional credential prompts. You enable Windows authentication to allow the Kerberos protocol to secure interactions between users' browsers and the VMware Identity Manager service. You do not need to directly configure Active Directory to make Kerberos function with your deployment.

Currently, interactions between a user's browser and the service are authenticated by Kerberos on the Windows operating systems only. Accessing the service from other operating systems does not take advantage of Kerberos authentication.

To configure the VMware Identity Manager service to provide Kerberos authentication, you must join to the domain and enable Kerberos authentication on the VMware Identity Manager connector.

When Kerberos is enabled, you need to configure the Web browsers to send your Kerberos credentials to the service when users sign in.