on 11-07-2018 4:24 PM
Hello Experts.
We have this challenge. Our BO enviroments tomcat access the domain controller in domain A (std. kerberos setup) . The domain controller returns all domain controllers it knows, but the tomcat doesn't have access to all of the them due there location/ firewall etc etc. So when you log on with SSO, sometimes it take a long time due to the tomcat is trying to get the ticket verified by one of the domain controlleres that it cant reach - so it takes the next in line and so on, and finally it reach one that is available, and you are logged on. So my question is, can we somehow tell the tomcat, that no matter what the DC return, you shall always use this DC to authenticate ???
Thanks
Henrik
Hi,
How about this SAP note?
1958936 - How to force SSO to use a specific domain controller
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Great news Henrik - Glad it did the trick 🙂
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stephen,
The users was delayed depending on which DC they where authenticated against.
But the note that you have found did the trick ! It is incredible that I didn't find that, taken into account that I have spend many hours on google and launchpad.support.sap.com... .;-)
Thanks a lot !
Cheers Henrik
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
A question Henrik,
When you are delays with SSO are all users sessions affected or just single users?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes I can, but I have only specified one - but when the tomcat queries the specified DC, then it will receive all domain controllers and that is the problem.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
101 | |
13 | |
13 | |
11 | |
11 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.