Change Domain Controller used by Kerberos

Owned by Knowledge Assistant
Last updated: Apr 23, 2024
1 min read
Description of Issue

Change the target domain controller used for Kerberos authentication in Time & Attendance

Context

  • TA

  • ET

  • Kerberos

  • Active Directory

  • AD

  • Authentication

Cause

Targeted Domain Controller is no longer valid or needs to be changed

Resolution

  1. Login into TA as Admin account

  2. Navigate to

    1. System Admin

    2. UI environment flags

    3. Login configuration

  3. Alter Key Distribution Center with new/correct value
    Note: an IP address is acceptable here. The address must be accessible/routable from the TA application server.  Tyler hosted (Yarmouth/Plano) clients will need a VPN and a NAT address defined. AWS/TA hosted clients will need a VPN, but the address will be local to the client. A Hostname can be used, but the application server must be able to resolve this name via either DNS or local host entry.

  4. Restart the application service for Time & Attendance and/or reboot the application server. These values are loaded at application startup. Hosted clients will need to put in a request to have the instance restarted.

Additional Information