cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP BO 3.1 SP5 Manual AD Authentication works but SSO does not

ashokkandikanti2
Explorer

on ‎03-31-2017 6:36 PM

0 Kudos

We followed tim.ziemba document SSO Kerberos XI 3.1 SP 3 or later

Issue :

InfoView Manual Authentication for all Windows AD Users but SSO Does not

Please help.

let me know if you need additional information.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

BasicTek
Advisor
Advisor
‎05-17-2017 3:48 PM
0 Kudos

no credentials obtained means that the value for idm.princ@IDM.REALM in your global.properties is not working, or you don't have

-Djcsi.kerberos.debug=true in your tomcat java options. With that tracing enabled, tomcat restarted (preferably delete any old logs) KBA 1631734 instructs to look for credentials obtained. If that fails the values in the global.properties are not correct (lok for typos, spaces, etc)

Regards,

Tim

Show replies
Show replies
Former Member
‎05-08-2017 7:49 AM
0 Kudos
Hi Tim, No failing error messages, it is prompting to main page, after entering windows ad credentials manually it is working fine. But sso is enabled in CMC and also correct DNS values in properties files. I have verified the logs and not showing credentials obtained. Please suggest other any settings need to check. thanks
Show replies
Show replies
BasicTek
Advisor
Advisor
‎04-25-2017 6:50 PM
0 Kudos

did you get the credentials obtained in the tomcat logs? Is SSO failing with a login screen, or is there an error. An error indicates SSO is actually enabled, and your AD configuration is probably incorrect (SPN's delegation, DNS, values in global.properties, etc), login screen can mean SSO isn't enabled (check for credentials obtained) or sometimes also means the AD configuration is incorrect.

Regards,

Tim

Show replies
Show replies
Ask a Question