Skip to Content
author's profile photo Former Member
Former Member

SPNs for DEV and Prod Servers for SSO Configuration

Issue # 1


I have setup my Dev and Production servers.

I am concerned about one bit. The Service account for Dev and Prod servers is the same.

Would creating SPN for the DEV and Prod systems under the same Service account, cause issues while Integrating AD and setting up SSO?

I have read on some forums that specifying additional servers would cause issues.

it would be good to have some suggestions here.

Issue # 2


I have setup a Clustered environment with the Intelligence and Processing Tiers clustered across two systems and two tomcat servers load balanced.

I am following the steps suggested by Steve Fredell's document.

Is there a guide/document i could refer to for SSO setup with Multiple domains on a clustered setup? How different is it vs doing the setup on a single server?

has anyone encountered issues so far?

Also, the default encryption for the keytab is RC4 however the network admin is suggesting a stronger encryption. Has anyone tested a stronger encryption mechanism and sucessuly deployed Bi under the same

Please suggest?



Add comment
10|10000 characters needed characters exceeded

1 Answer

  • Posted on Sep 11, 2014 at 05:55 AM

    There is no problem if you keep same SericeAccount for 2 Env.

    In Cluster Env configuration would be same no extra effort, configuration is tomcat dependent not CMS or Processing Server dependent.

    Encryption is by default RC4 in 3.1 and 4.1

    Add comment
    10|10000 characters needed characters exceeded