limit tomcat's access to a specific domain controller

0 Kudos

Hello Experts.

We have this challenge. Our BO environment's Tomcat accesses the domain controller in domain A (std. Kerberos setup). The domain controller returns all domain controllers it knows, but the Tomcat doesn't have access to all of them due to their location, firewall, etc. So when you log on with SSO, it sometimes takes a long time because the Tomcat is trying to get the ticket verified by one of the domain controllers that it can't reach - so it takes the next in line and so on, and finally it reaches one that is available, and you are logged on. So my question is: can we somehow tell the Tomcat that, no matter what the DC returns, it shall always use this DC to authenticate?

Thanks

Henrik

Joe_Peters
Active Contributor
0 Kudos

I'm no Kerberos expert, but can't you just explicitly list the DCs you want to connect to in krb5.ini?

Accepted Solutions (1)

Oldskoolskater
Participant
0 Kudos

Hi,

How about this SAP note?

1958936 - How to force SSO to use a specific domain controller

Answers (4)

Oldskoolskater
Participant
0 Kudos

Great news Henrik - Glad it did the trick 🙂

0 Kudos

Hi Stephen,

The users were delayed depending on which DC they were authenticated against.

But the note that you found did the trick! It is incredible that I didn't find that, taking into account that I have spent many hours on Google and launchpad.support.sap.com... ;-)

Thanks a lot!

Cheers Henrik

Oldskoolskater
Participant
0 Kudos

A question Henrik,

When you have delays with SSO, are all users' sessions affected or just single users?

0 Kudos

Yes I can, but I have only specified one - but when the tomcat queries the specified DC, then it will receive all domain controllers and that is the problem.