cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Business Objects XI 3.1 SSO with IIS7.0 kerberos

Former Member

on ‎08-18-2009 8:46 PM

0 Kudos

Hi,

I have installed BOXI 3.1 on windows 2008 64 bit server, everything is working fine.

I started configuring SSO, i downloaded the document from market place and try to configure the BO server.

I have configured SSO with IIS 6 as well as apache tomcat but this is my first time experience with IIS 7 and its totally diffrent then IIS 6.

As per the document or thread I have completed step 1

In step 2 mention about IIS_WPG group but I didn't found IIS_WPG group, So do i need to create this group? or it is same as IIS_IUSRS?

Then in Step 3 for IIS admin, I didn't understand anything, where i need to create app pool and where i need to create virtual directory and so on. Can anyone please give me brief idea about step 3 for IIS admin.

Thanks,

Nimesh.

Edited by: Nimesh Panchal on Aug 18, 2009 9:47 PM

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

BasicTek
Advisor
Advisor
‎08-19-2009 1:46 AM
0 Kudos

The note 1356046 has been updated several times (that post was my 1st draft)

IIS_WPG is a built in group on the local computer, do not create it. It's in my computer > manager > groups

Search SAP notes for IIS 32 64 there are several notes on making sure IIS is running 32bit. If you have 64 bit IIS then the interface is completely different, I do not believe it's supported yet and definitely not documented.

Regards,

Tim

Show replies
Show replies
Former Member
‎09-03-2009 7:51 PM
0 Kudos

Hi Tim,

I have checked the SAP notes on IIS 7 32 bit and make all changes.

Now, still the issue of SSO is still pending. I can login to client system using AD manually but SSO is not Working.

But when i login to BO server(Remote Desktop) using my AD and from there i try to login to Infoview and SSO is working.

So from client system is not working. I have traced the network traffic from client machine using Microsoft network monitor and attched the 2 cap files, if you can look but can you tell me where i can send this cap files or how to attach with current forum.

Thanks,

Nimesh.

BasicTek
Advisor
Advisor
‎09-03-2009 8:54 PM
0 Kudos

You will have to open a case with support and get an engineer assigned. there is no means to submit log files via the forums as we are not supposed to be working cases through here.

What I do is rename the netmon cap file to *.pcap and open with wireshark (latest version). Then change the filter to kerberos to see the AS and TGS requests to AD. A failure should be pretty apparent (ignore preauthentication errors)

Regards,

Tim

Ask a Question