Hello everyone I want to use Windows client/server + MIT Kerberos & OpenLadp to implement SSO authentication. On the application server side, I use LsaLogonUser() to ask for a Network style logon through S4U Kerb extension. But the LsaLogonUser() failed. According to the KDC Server's log, there is a error "LOOKING_UP_SERVER: authtime 0, host/sample....@sample.com for host\/sample....@sample.com, Server not found in Kerberos database" in TGS_REQ. According to the application server's log, the sname-string is 1 item and SNameString is host/sample.com in req-body of tgs-req. I think the sname-string should be 2 items and SNameString are host and sample.com.
My question is the S4U in windows can't implement SSO authentication with MIT Kerberos & OpenLadp? Or I mistaken about some configuration on Windows side or on MIT Kerberos & OpenLadp side? Thanks in advance Chris ================================ Rocket Software, Inc. and subsidiaries ? 77 Fourth Avenue, Waltham MA 02451 ? Main Office Toll Free Number: +1 855.577.4323 Contact Customer Support: https://my.rocketsoftware.com/RocketCommunity/RCEmailSupport Unsubscribe from Marketing Messages/Manage Your Subscription Preferences - http://www.rocketsoftware.com/manage-your-email-preferences Privacy Policy - http://www.rocketsoftware.com/company/legal/privacy-policy ================================ This communication and any attachments may contain confidential information of Rocket Software, Inc. All unauthorized use, disclosure or distribution is prohibited. If you are not the intended recipient, please notify Rocket Software immediately and destroy all copies of this communication. Thank you. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
