Using SASL GSSAPI with librdkafka in a cross‐realm scenario with Windows SSPI and MIT Kerberos

In this tutorial we'll see how to set up SASL/GSSAPI in a cross-realm scenario with Windows Active Directory and MIT Kerberos. On Windows librdkafka uses SSPI to automatically authenticate with current user. If cross-realm trust is set up Windows users can be directly authenticated as Kafka principals.

Requirements

Everything will be set up on a Windows Server instance, by using WSL2 for running Apache Kafka 4.0 on Ubuntu.

Configuration

Install Active Directory

Go to Server Manager
Select "Add roles and Features"
Check "Active Directory Domain Services"
Install it
After installation: "Promote this server to domain controller"
Add a new forest with name testwindomain.com (NetBIOS name: TESTWINDOMAIN)
Finish configuration and restart
To login now you've to use TESTWINDOMAIN\<admin_user>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Using SASL GSSAPI with librdkafka in a cross‐realm scenario with Windows SSPI and MIT Kerberos

Requirements

Configuration

Install Active Directory

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally