cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AD Manual login not working for multidomain

omkarsambare
Employee
Employee

on ‎06-03-2020 9:49 PM

0 Kudos

Hi Everyone,

I am working on AD manual and SSO configuration for users from multiple domains in single forest.

BI version is 4.2 SP6 Patch 8 & Tomcat 8 deployed on Windows Server 2012R2

Windows Server : IDC.XYZ.NET

Service account : GAMMA.XYZ.NET

I have completed the configuration as per the KBA 2629070 and SSO is working for the users from all the domains (DELTA, ALPHA, & GAMMA domain which all are subdomain of XYZ.NET). However the users are not able to login manually to BI launchpad/CMC except for the users from GAMMA domain.

The users from all the domain are able to login to CCM->Manage servers and UDT.

Based on troubleshooting and errors found in stdout.log file found 2337643 - Java AD fails for multi domain multi forest environment, which mentions to be the bug with java1.8.

I am currently trying to configure the AD plugin with IDC domain to check if it works.

Want to know if there is any workaround apart from reconfiguration.

Regards,

Omkar

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

omkarsambare
Employee
Employee
‎06-04-2020 7:14 PM
0 Kudos

Hi Tim,

Got it working by making changes in the krb5.ini file.

Thank you.

Show replies
Show replies
BasicTek
Advisor
Advisor
‎06-04-2020 6:36 PM
0 Kudos

To note that bug is a multi forest issue not multi domain (in the same forest) most likely the problem is just the specific domain in the krb5.ini https://apps.support.sap.com/sap/support/knowledge/preview/en/1245178

Is everything entered in all CAPS?

-Tim

Show replies
Show replies
Ask a Question