When verifying the user’s ID and password on the Windows NT domain controller, your system must meet the following requirements:
- The ticket-issuing application server must be at least Release 4.6D, patch level 317.
- The ticket-issuing system’s ITS must be at least Release 4.6D. For Release 4.6D we also recommend using a patch level higher than 343. For Release 6.10 C1, use patch level 11 or higher.
Prior to these ITS Releases, the AGate’s user must have the additional right to Act as part of the operating system.
- The AGate must run on a Windows server and must run under a valid user account that exists in the Windows domain.
- SNC is required for the connection between the AGate and the ticket-issuing application server.
We also recommend using SNC for the connections to systems that accept logon tickets.
- The user must have an account on the Windows domain. The standard Guest account cannot be used.
- You must also provide a logon screen so that the user can enter the Windows domain, his or her Windows user ID, and his or her password. Specify this screen in the login template for the PAS service.
For a sample template file, see the
Prerequisites for Verifying Users on the Domain Controller