You can configure the IP address or the range of IP addresses of the clients for which Kerberos authentication must be skipped or performed using the kerberos.exclude or kerberos.include keywords respectively.
NOTE:You can specify only kerberos.exclude or kerberos.include argument in the kerb.properties file not both.
To configure this option, add the following entry in the kerb.properties file:
For information about how to modify a file, see Modifying Configurations.
kerberos.exclude=IP Address/Range separated by comma.
kerberos.include=IP Address/Range separated by comma.
For example:
kerberos.exclude=1.1.1.1-9.255.255.255,10.50.1.1 - 10.50.1.50,11.1.1.1-255.255.255.255
or
kerberos.include=10.1.1.1-10.49.255.255,10.50.1.51-10.255.255.255
For the clients coming from the IP addresses specified in kerberos.exclude, Kerberos authentication will be skipped and will fall back to the custom authentication class. See (Optional) Configuring the Fall Back Authentication Class.
For the clients coming from the IP addresses that are not specified in kerberos.include, kerberos authentication will be skipped and will fall back to the custom authentication class. See (Optional) Configuring the Fall Back Authentication Class.