PDA

View Full Version : Identity Awareness Kerberos SSO config



attila.peter.hu
2013-10-10, 05:15
Hello!

I am trying to implement an Identity Awareness demo environment and everthing is working except the SSO. The Agents always ask for username and password manually and I don't know why.

I have made distributed configuration with AD Tool and then made a costum package - just for silent install deployment -. Everything was working correctly and then I have tried to make the SSO with the below steps but it doesn't worked.

- Create a new user in the AD with the name ckpsso.
- Mapp te user
ktpass -princ ckp_pdp/ia_teszt.com@ia_teszt.com -mapuser ckpsso@ia_teszt.com -pass qwe123@# -out unix.keytab /crypto ALL -ptype KRB5_NT_PRINCIPAL
- Activate the SSO configuration on the LDAP object.

When I have seen the actuall trafic in the client it seems that it has a TLS encryption alert with the firewall.

Thanks,
Peter