{"id":19425,"date":"2023-07-17T15:20:37","date_gmt":"2023-07-17T19:20:37","guid":{"rendered":"https:\/\/kevinjustin.com\/blog\/?p=19425"},"modified":"2023-07-24T08:11:02","modified_gmt":"2023-07-24T12:11:02","slug":"scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs","status":"publish","type":"post","link":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/","title":{"rendered":"SCOM WebConsole settings for authentication"},"content":{"rendered":"
\"Auto<\/a>
Airplane movie – AutoPilot with SCOM Web Console settings<\/figcaption><\/figure>\n

 <\/p>\n

Makes me think of the scene from Airplane with the AutoPilot blow-up, similarly parallel to engineer experiences talking about the SCOM Web Console configuration.\u00a0 I’m ready to dispel some myths to document securing the ‘SCOM Web Console for authentication’<\/p>\n

 <\/p>\n

 <\/p>\n

Quick outline<\/strong><\/h1>\n

Knowledge Articles to aid with ‘SCOM WebConsole settings for authentication’<\/p>\n

Configuring SSL certs and Smart Cards (this post<\/a>)<\/p>\n

Configuring Kerberos and AD delegation (next post<\/a>)<\/p>\n

Verifying WebConsole functionality blog posts – ReDirect<\/a>, Authentication<\/a>, SSL and Bindings<\/a><\/p>\n

Mitigating SCOM vulnerabilities – Java<\/a>, HSTS<\/a>, ODBC<\/a><\/p>\n

 <\/p>\n

 <\/p>\n

Knowledge Articles<\/strong><\/h1>\n

How to Install Web Console from learn.microsoft.com for SCOM 2019<\/a>, 2022<\/a><\/p>\n

Holman’s SCOM quick start install guides for SCOM 2019<\/a>, 2022<\/a><\/p>\n

IIS Manager Authentication from learn.microsoft.com<\/a><\/p>\n

 <\/p>\n

 <\/p>\n

Configuring SSL Certs and Smart Cards<\/strong><\/h1>\n

Setup ‘SCOM WebConsole settings for secure authentication’, access, and rendering methods.\u00a0 I’ve setup the web console role with defaults, then come back later.\u00a0 Holman’s quick start lets you complete the role with default HTTP setup.\u00a0 After that, we add an SSL cert for HTTPS.\u00a0 Thirdly, employ aliases, or F5 load balancers to simplify user experience accessing the console.\u00a0 Fourth, setup SmartCards to help secure, also Kerberos authentication\/delegation.\u00a0 <\/span><\/p>\n

 <\/p>\n

 <\/p>\n

Part 1 – Start with the SSL certificate for https<\/strong><\/h2>\n

Setup the ‘SCOM WebConsole settings for authentication’, beginning with a SSL certificate request for the server(s) in question.\u00a0 Add any SAN names\/aliases you want (if not load balanced).<\/p>\n

 <\/p>\n

NOTE:<\/span><\/p>\n

Use CA Auto-Enrollment templates to simplify SSL request whenever an internal or external SSL certificate is required for your organization.\u00a0 Generally, external certificates require manual effort executing the certreq script.<\/p>\n

 <\/p>\n

Sample SSL certificate<\/p>\n

\"SCOM<\/a>
SCOM Web Console SSL Cert details<\/figcaption><\/figure>\n

 <\/p>\n

Less typing means less typos<\/span><\/strong><\/h3>\n

Below <\/span>SSL certificate example with any SAN names\/aliases (if not load balanced).\u00a0 Simplify the SCOM web console link to https:\/\/SCOM\/<\/span> versus https:\/\/SCOMSERVERName\/OperationsManager <\/span><\/p>\n

 <\/p>\n

\"IIS<\/a>
IIS manager server certificates with SAN DNSName aliases included.<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

Part 2 – Add authentication Smart Card in IIS<\/strong><\/h1>\n

Next! – I will set up SmartCard role in ‘SCOM WebConsole settings for authentication’.\u00a0 Additionally, review the Learn.microsoft.com site for IIS here<\/a>.<\/p>\n

Compatibility<\/h2>\n\n\n\n\n\n\n\n\n\n\n
Version<\/strong><\/td>\nNotes<\/strong><\/td>\n<\/tr>\n<\/thead>\n
IIS 10.0<\/td>\nThe\u00a0<iisClientCertificateMappingAuthentication>\u00a0element was not modified in IIS 10.0.<\/td>\n<\/tr>\n
IIS 8.5<\/td>\nThe\u00a0<iisClientCertificateMappingAuthentication>\u00a0element was not modified in IIS 8.5.<\/td>\n<\/tr>\n
IIS 8.0<\/td>\nThe\u00a0<iisClientCertificateMappingAuthentication>\u00a0element was not modified in IIS 8.0.<\/td>\n<\/tr>\n
IIS 7.5<\/td>\nThe\u00a0<iisClientCertificateMappingAuthentication>\u00a0element was not modified in IIS 7.5.<\/td>\n<\/tr>\n
IIS 7.0<\/td>\nThe\u00a0<iisClientCertificateMappingAuthentication>\u00a0element of the\u00a0<authentication>\u00a0element was introduced in IIS 7.0.<\/td>\n<\/tr>\n
IIS 6.0<\/td>\nThe\u00a0<iisClientCertificateMappingAuthentication>\u00a0element replaces the IIS 6.0\u00a0IIsCertMapper<\/strong>\u00a0metabase object.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

 <\/p>\n

 <\/p>\n

Add the Client Certificate feature for the SCOM Web Console<\/strong><\/h2>\n

Let’s add SmartCard authentication capability.<\/p>\n

 <\/p>\n

Open Server manager ><\/p>\n

\"Open<\/a>
Open Server manager<\/figcaption><\/figure>\n

 <\/p>\n

Click on Manage > Add roles\/features (top right)<\/p>\n

\"Scroll<\/a>
Scroll to the top right, and click on Manage, then ‘Add Roles or features’<\/figcaption><\/figure>\n

 <\/p>\n

Click Next twice to get to the Server Roles<\/p>\n

\"\"<\/a><\/p>\n

 <\/p>\n

Server Manager > Server Roles tab output<\/p>\n

\"Server<\/a>
Server Manager > Server Roles<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

Expand Web Server drop down<\/strong><\/p>\n

SCOM Web Console Authentication installing Client Certificate Mapping role<\/p>\n

Click the box to check ‘Client Certificate Mapping Authentication (Installed)’ and click Next twice (2) [ two times ]<\/p>\n

\"Expand<\/a><\/p>\n

Expand Server Manager > Web Server > Client Certificate Mapping Authentication<\/p>\n

Click Install (mine is greyed out as it’s enabled)<\/p>\n

\"Server<\/a>
Server Manager Features Install<\/figcaption><\/figure>\n

 <\/p>\n

Allow install to complete, server will prompt if reboot required.<\/p>\n

NOTE: Either way, reboot is required to apply new authentication method.<\/strong><\/span><\/p>\n

 <\/p>\n

Validate IISManager after reboot<\/p>\n

Click on Authentication to verify ‘Active Directory Client Certificate Authentication’ is present and enabled.<\/p>\n

\"IIS<\/a>
IIS Authentication with Client Certificate Authentication (after role installed)<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

After reboot, verify ‘AD Client Certificate authentication’ method is enabled and visible.<\/p>\n

 <\/p>\n

From IISManager > Server > Authentication > Verify method is there and enabled<\/p>\n

\"IIS<\/a>
IIS Authentication with Client Certificate Authentication (after role installed)<\/figcaption><\/figure>\n

 <\/p>\n

 <\/p>\n

Verify Default Web Site Authentication setup<\/strong><\/h3>\n

Verify Default Web site has Windows Authentication enabled.<\/p>\n

 <\/p>\n

Navigation steps:<\/p>\n

IIS Manager > Expand Sites > Default Web Site > Authentication<\/p>\n

Windows Authentication should be enabled, others disabled<\/p>\n

\"Default<\/a>
Default Web Site Authentication showing Windows Authentication ONLY enabled<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"

  Makes me think of the scene from Airplane with the AutoPilot blow-up, similarly parallel to engineer experiences talking about the SCOM Web Console configuration.\u00a0 I’m ready to dispel some myths to document securing the ‘SCOM Web Console for authentication’     Quick outline Knowledge Articles to aid with ‘SCOM WebConsole settings for authentication’ Configuring … Continue reading “SCOM WebConsole settings for authentication”<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,5,530,502],"tags":[631,632,613,611,635,600,342,601,633,634,630,445,536],"class_list":["post-19425","post","type-post","status-publish","format-standard","hentry","category-administration","category-best-practice","category-scom","category-security","tag-ad-delegation","tag-how-to-setup","tag-hsts","tag-iis","tag-iismanager","tag-kerberos","tag-scom","tag-scom-web-console","tag-smart-card","tag-smartcard","tag-ssl","tag-tls","tag-web-console"],"yoast_head":"\nSCOM WebConsole settings for authentication - Kevin Justin's Blog<\/title>\n<meta name=\"description\" content=\"SCOM WebConsole settings for authentication helps setup the web console with SSL certs, SmartCards, IIS, and AD delegation for Kerberos Auth\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SCOM WebConsole settings for authentication - Kevin Justin's Blog\" \/>\n<meta property=\"og:description\" content=\"SCOM WebConsole settings for authentication helps setup the web console with SSL certs, SmartCards, IIS, and AD delegation for Kerberos Auth\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/\" \/>\n<meta property=\"og:site_name\" content=\"Kevin Justin's Blog\" \/>\n<meta property=\"article:published_time\" content=\"2023-07-17T19:20:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-07-24T12:11:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2023\/07\/airplane_autopilot-2.webp\" \/>\n<meta name=\"author\" content=\"WordPress Administrator\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"WordPress Administrator\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/\"},\"author\":{\"name\":\"WordPress Administrator\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#\\\/schema\\\/person\\\/3d7a90f4430bef43134eaa0a7e2cd508\"},\"headline\":\"SCOM WebConsole settings for authentication\",\"datePublished\":\"2023-07-17T19:20:37+00:00\",\"dateModified\":\"2023-07-24T12:11:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/\"},\"wordCount\":778,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/airplane_autopilot-2.webp\",\"keywords\":[\"AD Delegation\",\"how to setup\",\"HSTS\",\"IIS\",\"iisManager\",\"kerberos\",\"SCOM\",\"SCOM Web console\",\"smart card\",\"smartcard\",\"SSL\",\"tls\",\"web console\"],\"articleSection\":[\"Administration\",\"Best Practice\",\"SCOM\",\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/\",\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/\",\"name\":\"SCOM WebConsole settings for authentication - Kevin Justin's Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/airplane_autopilot-2.webp\",\"datePublished\":\"2023-07-17T19:20:37+00:00\",\"dateModified\":\"2023-07-24T12:11:02+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#\\\/schema\\\/person\\\/3d7a90f4430bef43134eaa0a7e2cd508\"},\"description\":\"SCOM WebConsole settings for authentication helps setup the web console with SSL certs, SmartCards, IIS, and AD delegation for Kerberos Auth\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#primaryimage\",\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/airplane_autopilot-2.webp\",\"contentUrl\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/07\\\/airplane_autopilot-2.webp\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/2023\\\/07\\\/17\\\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SCOM WebConsole settings for authentication\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/\",\"name\":\"Kevin Justin's Blog\",\"description\":\"Operational monitoring tools including System Center, Azure Monitor\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/#\\\/schema\\\/person\\\/3d7a90f4430bef43134eaa0a7e2cd508\",\"name\":\"WordPress Administrator\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g\",\"caption\":\"WordPress Administrator\"},\"sameAs\":[\"https:\\\/\\\/kevinjustin.com\"],\"url\":\"https:\\\/\\\/kevinjustin.com\\\/blog\\\/author\\\/wordpress_admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SCOM WebConsole settings for authentication - Kevin Justin's Blog","description":"SCOM WebConsole settings for authentication helps setup the web console with SSL certs, SmartCards, IIS, and AD delegation for Kerberos Auth","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/","og_locale":"en_US","og_type":"article","og_title":"SCOM WebConsole settings for authentication - Kevin Justin's Blog","og_description":"SCOM WebConsole settings for authentication helps setup the web console with SSL certs, SmartCards, IIS, and AD delegation for Kerberos Auth","og_url":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/","og_site_name":"Kevin Justin's Blog","article_published_time":"2023-07-17T19:20:37+00:00","article_modified_time":"2023-07-24T12:11:02+00:00","og_image":[{"url":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2023\/07\/airplane_autopilot-2.webp","type":"","width":"","height":""}],"author":"WordPress Administrator","twitter_card":"summary_large_image","twitter_misc":{"Written by":"WordPress Administrator","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#article","isPartOf":{"@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/"},"author":{"name":"WordPress Administrator","@id":"https:\/\/kevinjustin.com\/blog\/#\/schema\/person\/3d7a90f4430bef43134eaa0a7e2cd508"},"headline":"SCOM WebConsole settings for authentication","datePublished":"2023-07-17T19:20:37+00:00","dateModified":"2023-07-24T12:11:02+00:00","mainEntityOfPage":{"@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/"},"wordCount":778,"commentCount":0,"image":{"@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#primaryimage"},"thumbnailUrl":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2023\/07\/airplane_autopilot-2.webp","keywords":["AD Delegation","how to setup","HSTS","IIS","iisManager","kerberos","SCOM","SCOM Web console","smart card","smartcard","SSL","tls","web console"],"articleSection":["Administration","Best Practice","SCOM","Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/","url":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/","name":"SCOM WebConsole settings for authentication - Kevin Justin's Blog","isPartOf":{"@id":"https:\/\/kevinjustin.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#primaryimage"},"image":{"@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#primaryimage"},"thumbnailUrl":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2023\/07\/airplane_autopilot-2.webp","datePublished":"2023-07-17T19:20:37+00:00","dateModified":"2023-07-24T12:11:02+00:00","author":{"@id":"https:\/\/kevinjustin.com\/blog\/#\/schema\/person\/3d7a90f4430bef43134eaa0a7e2cd508"},"description":"SCOM WebConsole settings for authentication helps setup the web console with SSL certs, SmartCards, IIS, and AD delegation for Kerberos Auth","breadcrumb":{"@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#primaryimage","url":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2023\/07\/airplane_autopilot-2.webp","contentUrl":"https:\/\/kevinjustin.com\/blog\/wp-content\/uploads\/2023\/07\/airplane_autopilot-2.webp"},{"@type":"BreadcrumbList","@id":"https:\/\/kevinjustin.com\/blog\/2023\/07\/17\/scom-webconsole-settings-for-authentication-in-iis-configuration-and-leveraging-smart-cards-and-kerberos-auth-ssl-certs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/kevinjustin.com\/blog\/"},{"@type":"ListItem","position":2,"name":"SCOM WebConsole settings for authentication"}]},{"@type":"WebSite","@id":"https:\/\/kevinjustin.com\/blog\/#website","url":"https:\/\/kevinjustin.com\/blog\/","name":"Kevin Justin's Blog","description":"Operational monitoring tools including System Center, Azure Monitor","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kevinjustin.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/kevinjustin.com\/blog\/#\/schema\/person\/3d7a90f4430bef43134eaa0a7e2cd508","name":"WordPress Administrator","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/fca865cc5df90a25ae9533b1d9dea567a78c7469dc3202a376c8d117a0eaea11?s=96&d=mm&r=g","caption":"WordPress Administrator"},"sameAs":["https:\/\/kevinjustin.com"],"url":"https:\/\/kevinjustin.com\/blog\/author\/wordpress_admin\/"}]}},"_links":{"self":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts\/19425","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/comments?post=19425"}],"version-history":[{"count":27,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts\/19425\/revisions"}],"predecessor-version":[{"id":19536,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/posts\/19425\/revisions\/19536"}],"wp:attachment":[{"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/media?parent=19425"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/categories?post=19425"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kevinjustin.com\/blog\/wp-json\/wp\/v2\/tags?post=19425"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}