Enables Kerberos-authenticated connections to the database server.
iqsrv15 -krb ...
All operating systems except Windows Mobile.
This option has not been fully tested with servers in the cloud.
This option enables Kerberos authentication to the database server. You must specify one or more of the -krb, -kl, and -kr options for the database server to be able to authenticate clients using Kerberos.
Before you can use Kerberos authentication, a Kerberos client must already be installed and configured on both the client and database server computers. Additionally, the principal server-name@REALM must already exist in the Kerberos KDC, and the keytab for the principal server-name@REALM must already have been securely extracted to the keytab file on the database server computer. The database server will not start if the -krb option is specified, but this setup has not been performed.
The login_mode database option must be set to allow Kerberos logins, and Kerberos client principals must be mapped to database user IDs using the GRANT KERBEROS LOGIN statement.
For a Kerberos principal for the database server named my_server_princ@MYREALM, the following command starts a database server named my_server_princ.
iqsrv15 -krb -n my_server_princ C:\kerberos.db