Single Sign On with Microsoft AD
I've tried to implement the single sign on with an Microsoft Active Directory. I followed several documentations on the sdn.sap.com but unfortunately it doesn't work yet.
I've done the following steps:
- created a user in the active directory j2ee-<SID>
- runned the "setspn ..." cmd on the kerberos machine (domain controller)
- runned the spnego wizard from the NW Administrator (http://portal:50000/nwa -> configuration management -> security -> spnego configuration)
- added the login module "SPNegoLoginModule" to the "ticket-policy configuration"
- modified the existing policy configuration "com.sun.security.jgss.accept" and added the SPNegoMappingLoginModule
- I am able to login with the domain user/password on the portal frontend
- internet explorer is configured to use integrated authentication and the portal website is in the intranet zone
When I open the portal site with Internet Explorer the site opens but i see the login screen. Therefor it doesn't automatically login. Which step did I miss?
Thanks for your answers,