The SSO for BI 4.0 Sp2 was working and once we upgraded to SP7, the SSO stopped working.
I did everything give in the SAP SSO documents. Windows AD manual login works and SSO for the Client tools are also working fine.
bsclogin:
com.businessobjects.security.jgss.initiate {
com.sun.security.auth.module.Krb5LoginModule required debug=true;
};
krb5:
[libdefaults]
default_realm = GLOBAL.UMUSIC.NET
dns_lookup_kdc = true
dns_lookup_realm = true
default_tgs_enctypes = rc4-hmac
default_tkt_enctypes = rc4-hmac
udp_preference_limit = 1
[realms]
GLOBAL.UMUSIC.NET = {
kdc = USHPEWSDOM001.GLOBAL.UMUSIC.NET
default_domain = GLOBAL.UMUSIC.NET
}
Launchpad.proerties:
authentication.visible=true
authentication.default=secWinAD
global.properties:
sso.enabled=true
siteminder.enabled=false
vintela.enabled=true
idm.realm=GLOBAL.UMUSIC.NET
idm.princ=umg.boadmintulsa.sv
idm.allowUnsecured=true
idm.allowNTLM=false
idm.logger.name=simple
idm.logger.props=error-log.properties
idm.keytab=C:/Windows/keytabfilename.keytab
idm.allowS4U=true
My Service account name: Global\umg.boadmintulsa.sv
Service principal name = SAPBICentralMS/UMG.BOADMINTULSA.SV.GLOBAL.UMUSIC.NET
Java config in Tomcat:
-Dcom.wedgetail.idm.sso.password=*****
-Djcsi.kerberos.debug=true
-Djava.security.auth.login.config=C:\Windows\bscLogin.conf
-Djava.security.krb5.conf=C:\Windows\krb5.ini
Regards