...
Note that it is possible to bypass the use of preauthentication and instead create and use a keytab file – refer to the Java GSS documentation for how to do this, and for how to configure krb5.conf to point to a keytab file. This enables you to avoid having the userid/password for the preauth stored in the configuration.
Steps
...
Needed on Active Directory Server
On the Active Directory Server (Windows 2003 is tested and verified), you will need to create a new user for the domain, in the configuration example above, this user is called ppserver but it could be anything – remember you need the fully qualified domain name of the preauth user in the configuration – userid@domain.name but you do not need to add the PortalProtect Server to the domain when using preauthentication – only the workstations need to be in the domain.
...