In order for Kerberos authentication (without a logon prompt) to work correctly, you must configure a registry key in the
client PC to hold the Kerberos delegation server whitelist for Chrome. This whitelist is the list of host names of each
Niagara station you intend to authenticate to.
Perform the following steps:
- To add the key, first start the Registry Editor (... regedit).
CAUTION: Incorrectly editing the registry may damage your system. Before making changes to the registry, you should back up any valued
data on your computer. Refer to the Registry Editor Help for complete details on configuring the registry.
- Expand the
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google directories and create a new Key named: “Chrome”.
- Edit the newly created Chrome key to add a new
String Value named: “AuthNegotiateDelegateWhitelist”.
- Edit the new string value to configure its
Value data field with a comma separated list (without quotes) of the host names of each station you would like to authenticate to.
For example: "host1.domain.com,host2.domain.com".
- Close the registry window.
Google Chrome is now configured for Kerberos authentication. You should be able to log in to stations without being prompted
for a user name and password.