Skip to Content

SSO issue (BI 4.2 SP5)

we are on SAP BI 4.2 SP5

Error: (BI Launchpad for windows AD users)

Account information not recognized: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)

- SSO works for Client tools

Completed the following:

1. verified bsc config file

2. verified krb5.ini file

3. kinit command stores a new file without any issues

4. verified file

where did I go wrong?

Add comment
10|10000 characters needed characters exceeded

  • Error from STDOUT.LOG

    Cannot locate KDC

    Debug is true storeKey false useTicketCache false useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false

    [Krb5LoginModule] user entered username: USER_ID@DOMAIN

  • I have fixed your tag, please select more careful next time.

2 Answers

  • Posted on Apr 17, 2019 at 01:26 PM


    since when do you get this error message? Did you do an upgrade on your system or is it a new SSO configuration?

    Best regards,


    Add comment
    10|10000 characters needed characters exceeded

  • Posted on May 01, 2019 at 12:51 PM

    If you are seeing this "Cannot locate KDC" it means your krb5 is not working, now that would be conflicting with kinit working so check the folowing

    1) kinit typically uses krb5.ini in the c:windows directory unless a rarely known change was made in the JDK config files.

    2) tomcat will use the krb5.ini specified in the path defined in the java options. If this path is other than c:\windows then it would explain the difference


    Add comment
    10|10000 characters needed characters exceeded