Download the KClient software from the link above.

Once it is downloaded, double-click the file to run the KClient installer.

Once the installation has completed, you may be asked to reboot. Say yes to the reboot.

Once your computer has rebooted, copy the krb.con file you downloaded into your c:\windows directory. The installation program puts a default krb.con file in this directory, but you should replace it with the one you downloaded.

You should see a key icon with a red X on it in the Windows system tray in the bottom right of the screen. Right-click once on this icon and choose Options from the menu that pops up. In the Time Server box you should type clock1.unc.edu or clock2.unc.edu .

The remaining options are dependent on how you want to set them up. The "Synchronize clock with time server on startup" and "Destroy tickets when kstatus exits" options are recommended. Kerberos authentication requires that the client machine's time deviate no more than five minutes from that of the Kerberos database server. If you already synchronize your time with one of the UNC clock servers, you should be okay.

After you have finished setting up KClient, you must make an adjustment to the Mulberry preferences. Open Mulberry (remember you must be using at least version 1.4). If prompted to log in, do so, since Mulberry will sometimes quit the application if you hit cancel. Choose Preferences under the File menu. Once the preferences are open, click the radio button on the right labeled Advanced to open the advanced preferences. Next, choose the Accountstab; make sure the account chosen is your IMAP server (by default is is called "imap"), and find the section with the Authenticate tab.

On the Authenticate tab, you will see a "Method of authentication". By default it is "Plain Text". Click the menu to choose Kerberos V4 as the authentication method. After you make this selection, the section below the menu will change. Make sure the Use Default Server Principal box is not checked. In the Server Principal box, enter imap.mailserv0@ISIS.UNC.EDU .

Once you have made those changes, you are finished setting up Mulberry for Kerberos 4 authentication. You should exit Mulberry and restart it. After restart, you should see a User ID/Password box with a key on it. This is the KClient application prompting for authentication information. Use your Isis login and password and click OK. Mulberry should open normally. You will know for sure that you authenticated properly if the key in the system tray is not marked with a red X.