Skip to Content
Former Member
Nov 13, 2012 at 12:37 AM

spnego issues after ad win2008 upgrade



Ive been trying to figure out how to reproduce in a sandbox environment a behavior we are seeing after the AD team began to upgrade the AD servers from 2003 to 2008.

Basically we get a double logon screen with the UNKNOWN ERROR at it.

**Note 1005209 doesnt apply due the versions.

We believe it is related to the DES encryption issue with Win 2008, cause until that date we were using spnego fine.

First I found a note 1457499 where it has an add-on and some details about the new spnego.

Our sandbox system was 701 sp06 so we set the spnego2 add-on, unfortunately we got the same result.

Then we tried updating the j2ee-core to sp09 as our remaining ep systems, still we got the same result.

Ive read some threads about a bug in some Sun JDK level, we are using SAPJAVA 4.

Not sure if i need to do the spnego from scratch and if so, not sure if i need to undeploy the components we set originally from note 994791.

Ive also brought the question to SAP, where they asked for the diagtool trace, we saw that theres the NTLM entry, since the issue in prod is random, we think is related to the momment, if the session goes to a 2003 AD server it works, if the session goes to a 2008 it fails.

Thats why we are trying to reproduce it in sandbox.

One funny thing is that im not seeing the ADD REALM button, and im wondering if the look and feel of the wizard should be as the spnego2, cause im seeing the old wizard all the time.

Any ideas will be very much appreciated!