Re: SSO Working Intermittently?

[Kyle Evans]

Sometimes we have machines that don't do SSO properly.  I think 100% of the time it has been due to the time on the machine being more than 5 minutes out of sync with the domain controller.  Kerberos requires the time to be within 5 minutes in order to work properly.  Jeremy Wood wrote: Hey Justin, I have seen that too on our setup. We have 3 AD Controllers and use SSO for all of our faculty and staff members. Initially I used only a single controller to handle SSO requests but when this problem started to become more frequent I moved to a domain level SSO. This seems to have fixed most of the problems but every so often we have someone fallback to LDAP. The only thing that seems to be constant for us, in this regard, is inconsistency. I'm hoping that with the next release there are a number of little bug fixes like this that really hinder a seamless CCA experience. Jeremy Wood Norwich University On Mon, Jul 14, 2008 at 6:07 PM, Justin Howell <[EMAIL PROTECTED]> wrote: I've had SSO authentication setup for many months with no problems. All of a sudden, near the end of last month, I'm getting some users that SSO has stopped working. Some users log into the domain and do SSO just fine; others are presented with the login box for the Clean Access agent. Any ideas? I don't think anything has really changed … the only thing of note even related to the auth server (Active Directory) is we migrated our user mailboxes to a new Exchange server. All the auth tests work fine. I can't find any commonality between the users having problems, or between those that aren't. Justin Howell Telecommunications Network Technician Solano Community College