on 05-02-2007 4:08 PM
Hi,
We are trying to configure SPNego on EP7 SP11 portal. Our ADS directory structure is as below
Root Domain (xxxxxx.net)
|__ AM Domain (am.xxxxxx.net) america subdomain
|__ EU Domain (eu.xxxxxx.net) eurpoe subdomain
|__ AP Domain (ap.xxxxxx.net) asia subdomain
We have created the service user in the AM domain (j2ee-<SID>) and registered it with the ADS service. We have successfully configured the datasource configuration and the "Test Connection" and "Test Authentication" both work successfully. The service user when searched from the Identity management for the "krb5principalname" is retrieved correctly.
When we run the SPNego wizard in the step for adding "Kerberos Realm" we enter the Realm adn the KDC. In the "Service User name" we enter the same user as j2ee-<SID>@xxxxxx.net. When we click on next the error message is popped with the message that the service user is not found.
Is there anything that needs to be done in the configuration of the service user ?
Can the service user be created in the am.xxxxxx.net subdomain or it should be on the root domain ?
Thanks!!
Create service ids in sub-domains and not in the root domain.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
94 | |
11 | |
10 | |
9 | |
9 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.