on 07-24-2008 12:49 PM
Hi All,
We have EP7 installed with MSCS (Windows 64 bit with Oracle) for high availability. The configuration is as under:
SCS instance & Database running on Cluster
CI running on Node B outside of Cluster
DI running on Node A outside of Cluster
We are in the process of configuring SPNego for windows integrated authentication and would like to clarify against which servers setspn command should be executed on Domain Server.
I plan to run:
setspn -A HTTP/Node B <Username>
setspn -A HTTP/Node A <Username>
setspn -A HTTP/SAPClustername <Username>
Is it correct/sufficient?
Your thoughts on this would be appreciated.
Regards
Chandu
Hi Chandu,
From your description, I can understand that you are trying to implement Kerberos authentication to enable windows users to login into portal with out providing user id and password.
It works only in scenarios with separate portal installation. If it is a ABAP + Java installation, you can not implement Kerberos authentication.
If it is seperate Java stack, let me know... May be i can help regarding this...
And about the setspn command, setspn for CI is sufficient.
Regards,
Nadh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sounds correct to me. The important thing I believe is the virtual clustername which the users are accessing it via.
Paul
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
88 | |
23 | |
11 | |
9 | |
8 | |
5 | |
5 | |
5 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.