Chapter 3 Configuring Your LibraryWorking With User AccountsScalar i500 User’s Guide 104both the Library User Group and the Library Admin Group on the LDAPserver. Since most normal users will not be members of both thesegroups, you may need to create a special or temporary user specificallyfor this purpose.After configuring LDAP settings, save the library configuration.You can view, enable, and configure LDAP settings from the library Webclient. You cannot use the operator panel to configure LDAP settings.The path to open the appropriate screen is as follows:• From the Web client, select Setup > User Management > RemoteAuthentication.Configuring Kerberos 3 Use Kerberos if you want extra security with remote authentication.Make sure that both the library and the Kerberos/Active Directory®server are set to the same time (within 5 minutes). Otherwise, theauthentication will fail. It is recommended that you use Network TimeProtocol (NTP) to synchronize the time between the library and theKerberos server. See Setting the Date and Time Using the Network TimeProtocol on page 107.Fill in the following Kerberos fields in addition to all the LDAP fields:• Realm — The Kerberos realm name, typed in all uppercase letters.Usually the realm name is the DNS domain name.Example: MYCOMPANY.COM• KDC (AD Server) — The key distribution center (in other words, theserver on which Kerberos/Active Directory is installed).Example: mycompany.com:88• Domain Mapping — The domain portion of the library’s fully qualifieddomain name.Example: mycompany.comNote: For step-by-step instructions on configuring LDAP on thelibrary, see your library’s online Help. To access the onlineHelp system, click the Help icon at the top right of the Webclient.