cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Windows AD SSO not working silently

Go to solution
Former Member

on ‎07-30-2014 1:22 AM

0 Kudos

Hi,

I am configuring SSO using windows AD, as of now I am able to login to client and BI launchpad using Windows AD authentication successfully, but silent authentication is not working when I enter url in web browser.

when I check the log files in 'stdout.log' in tomcat it's giving below message.

2014-07-29 16:56:09 Commons Daemon procrun stdout initialized

com.businessobjects.webpath.rebean3ws.Activator

Debug is  true storeKey false useTicketCache false useKeyTab false doNotPrompt false ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is false principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false

        [Krb5LoginModule] user entered username: mpopuri@DOMAIN.LOCAL

Acquire TGT using AS Exchange

principal is mpopuri@DOMAIN.LOCAL

EncryptionKey: keyType=23 keyBytes (hex dump)=0000: C9 AF 52 43 71 7A 7A E8   B9 45 36 06 3C AC A4 C8  ..RCqzz..E6.<...

Commit Succeeded

I tried both using keytab and also including service account password in Tomcat properties (Java Options).

Please help me to troubleshoot this issue.

Thanks,

Mani

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member205064
Active Contributor
‎07-30-2014 11:10 AM
0 Kudos

there is a video on youtube

http://www.youtube.com/watch?v=EbpoIvh1Ue4

Use this link to downlaod the best PDF by  Steve for all your answers:-

http://blog.jamiebaldanza.org/wp-content/uploads/2012/04/Crystal-2011-AD-Authentication.pdf

follow steps by step and it will fix it.

there is nothing outside ths PDF which needs to done to get this working.

Show replies
Show replies
Former Member
‎07-30-2014 5:30 PM
0 Kudos

Thank you.

As per step 9, if I include (-Dcom.wedgetail.idm.sso.password=Password1) in Java options then I am getting below message but in URL if I use IP address then I am getting logon page.

HTTP Status 500 - com.wedgetail.idm.sso.ProtocolException: com.wedgetail.idm.spnego.server.SpnegoException: com.dstc.security.util.asn1.Asn1Exception: Bad tag encountered: 78

I followed the solution as described in discussion but no luck.

I have checked the logs 'stdout.log' and I don't see any vintela logs, when I checked the logs 'stderr.log' then I can see vintela logs it's giving

** credentials obtained .. **

I am getting these logs only when I run application with IP address.

Please advise.

Thanks,

Mani

Former Member
‎07-30-2014 8:31 PM
0 Kudos

SSO will not work from tomcat server.

did you try from a client machine?

Former Member
‎07-30-2014 8:36 PM
0 Kudos

I have tested SSO from client machine and it started working (before this I used server for testing). I think almost near to complete SSO setup.

Thank you!!!

Former Member
‎07-30-2014 8:59 PM
0 Kudos

excelent! mark as answered

Answers (2)

Answers (2)

Former Member
‎07-30-2014 9:36 PM
0 Kudos

Thanks everyone, now everything looks Good.

Show replies
Show replies
Former Member
‎07-30-2014 7:29 AM
0 Kudos

Please refer to the steps mentioned in the below DOC. If I'm not wrong, you might have missed something in the step # 9 and 11. Let me know if it helps!!

http://scn.sap.com/docs/DOC-26314

Show replies
Show replies
Ask a Question