I want to implement SSO with AD on my new SAP server( not installed yet). I have a parent domain 123 and abc and xyz as its child domain. I want to install SAP on xyz and route the SSO to abc, can it be possible? I read few docs regarding SSO with AD but could not connect the terms properly like LDAP server, do we really need it? I just want to know the concept behind SSO with AD and major steps( prerequisite also) so that I can implement SSO. Can someone help me with some good document or weblink to it.