We are trying to setup SSO oer SAP NOTE 1483762 with the following config :
OS : W2K8 R2 SP1
IIS : 7.5 (Used as Redirector to Tomcat with ISAPI plugin)
SSL : Yes, Cert on IIS Tomcat : 6.0.35
BO : BOXI 31 SP5
Cluster : Yes, 3 NODES
Authentication : AD/Kerberos/Vintella AD
Forest : Single AD
Domains : Multiple in a single forest
SPN entries info are as follows :
http/WebHostname IP BOServiceAccount
When attempting to perform SSO with straight Tomcat , that works just fine. However, when attempting the same by hitting site on IIS , it does forward to BO Logon page with AD authentication selected but does NOT SSO me in. When attempting the manual AD Logon after IIS redirect , does work fine though.
I was wondering as to if other can share there experience on IIS/Tomcat/BO/AD/Kerberos/Vintella SSO configurations and how did they achieve it. Also, what would be process to debug this .... pointers on that are appreciated.