We did Remedy SSO with Kerberos.. 1) Create DNS for SSO server with a Type A record IP 2) Create SPN user with proper rights 3) Create new realm with Kerberos and SPN credentials. For the applications, make sure your using FQDN. I.e 'mymidtier.xyzcompany.com' 4) When installing the integrations make sure you are using the FQDN and port for the SSO server. I.e. 'mysso.xyzcompany.com:80/rsso' 5) Delete the default realm '*'
To access, you have to use FQDN. I.e. 'mymidtier.xyzcompany.com/arsys' I use Apache redirect to map out from a LB name. For instance, 'Remedy' I have it redirected to the above path.. On Mon, Nov 27, 2017, 9:10 AM Thomas Miskiewicz <tmisk...@gmail.com> wrote: > ** > Saw that one but it’s so wishy-washy I couldn’t believe this is it. > > This one’s a lot better: > https://docs.bmc.com/docs/rsso91/kerberos-authentication-process-662397346.html?src=search > > > Thanks > > Thomas > > > On 27. Nov 2017, at 16:06, LJ LongWing <lj.longw...@gmail.com> wrote: > > ** > something like this? > > > https://docs.bmc.com/docs/display/public/ars9000/Configuring+Kerberos+for+Authentication > > On Mon, Nov 27, 2017 at 7:53 AM, Thomas Miskiewicz <tmisk...@gmail.com> > wrote: > >> Hi there, >> >> in our development we’ve installed RSSO on our Mid Tier server. Then we >> run the installer again and told it to do the Mid Tier integration. At last >> we run the installer on the AR Server and told it to do the AR Integration. >> >> Is there a document that describes the Kerberos integration from this >> point? >> >> >> Thanks >> >> Thomas >> >> >> _______________________________________________________________________________ >> UNSUBSCRIBE or access ARSlist Archives at www.arslist.org >> "Where the Answers Are, and have been for 20 years" >> > > _ARSlist: "Where the Answers Are" and have been for 20 years_ > > > _ARSlist: "Where the Answers Are" and have been for 20 years_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
