GSSServiceName
The GSSAPI service name that you want to use for the Distributed Index Handler service. You must specify the GSSAPI service name, instance name (fully qualified host name), and the Kerberos realm (normally the domain name in upper case).
You can also set GSSServiceName
to an asterisk (*
) to allow clients to authenticate to any service principal in the Distributed Index Handler service's keytab, rather than requiring you to select a single principal.
If you enable GSSAPI authentication, Distributed Index Handler uses this value as the GSSAPI service name to identify itself. You enable GSSAPI authentication by setting the RequireGSSAuth
parameter in the appropriate section:
- ACI port:
[Server]
RequireGSSAuth - Service port:
[Service]
RequireGSSAuth - Index port:
[IndexServer]
RequireGSSAuth
NOTE: You cannot use RequireGSSAuth
with GSS ACI encryption (see ACI Encryption Configuration Parameters). If you configure both, Distributed Index Handler does not start. GSS ACI encryption has been deprecated or Distributed Index Handler version 12.6.0 and later.
Type: | String |
Default: | |
Required: | No |
Configuration Section: | Server |
Example: | GSSServiceName=MYSERVICE/host.example.com@EXAMPLE.COM
|
See Also: |