Genesys Engage on-premises

 View Only
Discussion Thread View
  • 1.  Kerberos integration

    Posted 05-25-2022 08:34

    Does anyone have a working Genesys integration with Kerberos solution design available.
    The Genesys External Framework authentication guide is light on detail and resulting in a lot of trial and error testing and guess work but with more questions than answers as a result.
    We will be using WDE in a citrix environment (with standalone SIP Endpoint on local workstation).
    WDE is connecting to CS Proxys that are in RHEL OS servers.
    The key distribution centre is Windows AD.

    Based on the deployment guide, we configure gauth_kerberos settings (realm/spn/keytab) on CSProxy.
    Kerberos is deployed in same host as CSProxy.
    Kerberos initialization file is configured with values for libdefaults and realm.
    WDE interactionworkspace.exe.config file in citrix is configured with SPN (in WDE deployment guide).

    What is not clear is the actual authentication steps and connectivity.
    - When a user logs into their citrix virtual environment do they acquire a kerberos ticket/token ? if so , how and where from?
    - Do we need to deploy kerberos in the citrix environment as well?
    - Documents suggest the token is present before the user opens WDE.  What actually takes place when they do open WDE? Does WDE pass the token to CS Proxy -which in turn validates it on the windows AD through kerberos?

    Some type of network design would be useful, ideally one which shows CSProxy (linux) with Windows AD integration.
    Also i understand kerberos does not have high availability function.  How is this achieved? using multiple CSProxys against a different windows AD? i am presuming they cant be on the same host because we have to define kerberos initialization file which only accepts one default setting.


    Wasim Altaf
    Capita IT Services Ltd.

  • 2.  RE: Kerberos integration

    Posted 06-02-2022 13:37
    Thank you for reaching out Wasim!  

    We recommend that you open a support request with Genesys Customer Care to troubleshoot this issue.

    Additionally, the diagram below showcases the flow involving WDE:

    Genesys Kerberos doc:

    Ginger Alford
    Program Manager, Product Strategy & Operations
    Genesys - Employee

Need Help finding something?

Check out the Genesys Knowledge Network - your all-in-one access point for Genesys resources