BO Manual Windows AD: krb5.ini [capaths]

Former Member · ‎02-06-2017

Hi, in our BO 4.1 SP06 patch 6 platform

We have problems with manual authentication for users from remote domains. This error arises:

Account information not recognized: The Active Directory Authentication plugin could not authenticate at this time. Please try again. If the problem persists, please contact your technical support department. (FWM 00005)

We have this scenario:

Tree1...

PARENT.COM

A.PARENT.COM

Tree2...

PARENT.NET

A.PARENT.NET

There is also a 2-way bidirectional trust between PARENT.COM and PARENT.NET

Our CMS is running on a machine in domain A.PARENT.COM

Users from domain A.PARENT.COM can authenticate without problems but

users from A.PARENT.NET can't

We have solved in the past similar problems configurating properly [capaths] section in krb5.ini. But because we can't find enough information to understood how to set this section we don't find now the correct [capaths] syntax.

Does anyone, that have solved a similar problem, know How must we change our [capaths] section in our scenario?.

Thanks in advance.

Carlos

BasicTek · ‎12-18-2018

use this KBA https://apps.support.sap.com/sap/support/knowledge/preview/en/1245178 and more specifically https://apps.support.sap.com/sap/support/knowledge/preview/en/1406795 .

Are the trusts forest trusts or external, to verify if it's a trust issue login to the CCM on the BI server console with a user from the remote forest. If that works then you should be able to fix the issue with capaths, if that fails then you probably need a forest trust in place of the external one.

-Tim

BO Manual Windows AD: krb5.ini [capaths]

Accepted Solutions (0)

Answers (1)

Answers (1)

Iterating through JSONModel with multiple nested a...

Re: Connecting SAP CAP with SAP Cloud ALM

How to use CopyProvider on Table created by TypeSc...

How to execute/fire onPost when user press enter o...

Re: Connecting SAP CAP with SAP Cloud ALM