Jump to content
The TIBCO Platform is a real-time, composable data platform that will bring together an evolving set of your TIBCO solutions - and it's available now! See more information here ×
  • How to Configure TIBCO Castle Powered by Apache Kafka® with Kerberos and Microsoft Active Directory for Authentication


    Richard Flather

    The purpose of this document is to provide information on configuring Apache Kafka and Zookeeper on Linux to use Microsoft Active Directory (AD) for authentication. Active Directory will run on a Windows Server.

    The documentation will provide a simple setup of the Simple Authentication and Security Layer (SASL) setup of Zookeeper/Kafka Broker. The configuration can then be expanded to support TLS and multiple brokers if desired (not documented).

    The document will outline:

    1) Create an AD user for both Zookeeper and Kafka on the Windows Server

    2) Set a Service Principal Name (SPN) to be used with AD and Kerberos Create a Kerberos keytab file for Zookeeper and Kafka
    3) Secure the keytab file

    4) Configure Kerberos on Linux
    5) Configure a single Zookeeper and Kafka Broker to use the keytab file for Kerberos authentication
    6) Connect Zookeeper and Kafka using AD Authentication

    How_to_Configure_Kafka_with_Kerberos_and_Active_Directory.pdf


    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...