Skip to Content
Former Member
Oct 09, 2008 at 06:46 AM

Single Sign On with Microsoft AD



I've tried to implement the single sign on with an Microsoft Active Directory. I followed several documentations on the but unfortunately it doesn't work yet.

I've done the following steps:

- created a user in the active directory j2ee-<SID>

- runned the "setspn ..." cmd on the kerberos machine (domain controller)

- runned the spnego wizard from the NW Administrator (http://portal:50000/nwa -> configuration management -> security -> spnego configuration)

- added the login module "SPNegoLoginModule" to the "ticket-policy configuration"

- modified the existing policy configuration "" and added the SPNegoMappingLoginModule

- I am able to login with the domain user/password on the portal frontend

- internet explorer is configured to use integrated authentication and the portal website is in the intranet zone

When I open the portal site with Internet Explorer the site opens but i see the login screen. Therefor it doesn't automatically login. Which step did I miss?

Thanks for your answers,