Skip to main content
Skip table of contents

SOAP API Windows Authentication Setup (LogRhythm 7.x.x)

  LogRhythm 7.8 was the last published version of the SOAP API. LogRhythm is deprecating the SOAP API in favor of more effective and sustainable integration through RESTful APIs. While the SOAP API is still usable in 7.9, we encourage customers and partners using the SOAP API to migrate their integrations to REST APIs. For more information on REST integration, see our REST API documentation.

Using the LogRhythm SOAP API with Windows Authentication requires that the web server be configured to perform cross-machine delegation using Kerberos. The following steps describe the configuration changes required to enable Windows Authentication. Some of these steps require security changes in Active Directory and must be performed by a Domain Administrator. Windows Authentication is only supported if all servers and accounts are members of the same Active Directory forest.

Additional Resources

Understanding Kerberos Double Hop

Registering a Service Principal Name for Microsoft SQL Server

Delegation and Impersonation with WCF
 
Enable Kerberos Event Logging
 
DelegConfig is a very useful ASP.NET application for validating Kerberos configuration. However, it must be installed and configured on the IIS web server as a .NET 2.0 application.
http://www.iis.net/downloads/community/2009/06/delegconfig-v2-beta-(delegation-kerberos-configuration-tool)
http://blogs.iis.net/bretb/archive/2008/03/27/How-to-Use-DelegConfig.aspx
http://blogs.iis.net/brian-murphy-booth/archive/2007/03/09/delegconfig-delegation-configuration-reporting-tool.aspx



JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close