We'd like to use SAPGUI SSO with Kerberos.
ERP is installed under AD root domain (ROOT.COM) in the forest.
Users are belongs to AD sub domain (SUBDOM.COM) in the same forest.
SNC name in user profile (SU01) is p:testuser@SUBDOM.COM
SAP Logon entry for SSO has SNC name, p:SAPService @ ROOT.COM.
Then user tries to log on via the entry for SSO, the error message "No user exists with SNC name "p:testuser@SUBDOM.COM""
I guess user's SNC name should be changed but I couldn't find what should be changed.
Kindly advise what setting is missing in our environment.