Skip to Content
0
Former Member
Jan 09, 2012 at 08:11 AM

AD Authentication not work in Crystal Server 2011 (FWM 00005)

121 Views

BO server : Windows 2008 R2 SP1 (domain member server) server name : CR2008R2

AD server : Windows 2003 R2 SP2

Previous 2008V0 deployment : AD authentication was okay!

New 2011 server deployment : CMC AD Login with the following errors :

Account Information Not Recognized: The Active Directory Authentication plugin could not authenticate at this time. Please try again. If the problem persists, please contact your technical support department. (FWM 00005)

kinit test is okay.

krb5.ini :

[libdefaults]

default_realm = DANIELCO.COM.HK

dns_lookup_kdc = true

dns_lookup_realm = true

udp_preference_limit = 1

default_tgs_enctypes = des-cbc-crc

default_tkt_enctypes = des-cbc-crc

[domain_realm]

.domain.com = DANIELCO.COM.HK

domain.com = DANIELCO.COM.HK

[realms]

DANIELCO.COM.HK = {

admin_server = DCSRV1.DANIELCO.COM.HK

default_domain = DANIELCO.COM.HK

kdc = DCSRV1.DANIELCO.COM.HK

}

setspn -L spn2011

Registered ServicePrincipalNames for CN=spn2011,CN=Users,DC=danielco,DC=com,DC=hk:

BOBJCentralMS/CR2008R2.DANIELCO.COM.HK

HOST/spn2011

HOST/spn2011.danielco.com.hk

tried to run ktpass cmd to create and place a Kerberos keytab file but retruned

unable to set spn mapping data

hence, could not login CMC thru AD

In BI 4 Launchpad, no AD login could be selected!

CMC could see and add AD groups.

Please help! Thank you very much!