- SAP Community
- Products and Technology
- Additional Q&A
- Kerberos and SSO and SNC problem
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Kerberos and SSO and SNC problem
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 01-07-2011 1:07 AM
Hi forum members
I have SAP running on Linux.I have MSAD on windows 2003.I want to setup SSO using snc and MIT kerberos.
I have seen below link and follwed the steps.
I have generated the Keytab file from AD and configured the krb5.conf file.I have setup the parameters in profiles.My system is up and running with snc.
I have downloaded the gsskrb5.dll and copied into the windows/system32 directoory in my laptop.I have set the environment variables also .I have configured the logon pad entry for logon and enabled the snc field.
I clicked on sapgui and got the sap screen with standard fields like client ,user ,language and getting the error message at the bottom of the screen that
No user exist with snc name "p:amit@<DOMAIN>COM>
Please help to resolve the issue.
Thanks
Amit
Accepted Solutions (0)
Answers (2)
Answers (2)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
I had to include the port into the krb5.conf file,
It is resolved.
Thanks
Amit
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
If you check your user entry in SU01, do you have the correct entry in the SNC tab? If not, you can set it via SNC1.
Kind regards,
Mark
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi Mark
I have the same setting.
SU01-snc tab has p:domain user@<DOMAIN> and SAP Logon has same entry as snc/identity/as .
but i am getting below errors in the developer traces
Fri Jan 7 10:04:19 2011
N *** ERROR => SncPSetNewName()==SNCERR_BAD_NT_PREFIX [sncxxall.c 2207]
N SncPImportPrName() parsing error
N name="amita@DOMAIN name"
N <<- SncNameToAclKey()==SNCERR_BAD_NT_PREFIX
N in: name = "amita@DOMAINNAME"
What could be the issue.?
Thanks
Amit
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
here are the parameters i have setup
default profile
snc/data_protection/use 3
snc/data_protection/max 3
snc/data_protection/min 1
snc/permit_insecure_start 1
snc/accept_insecure_rfc 1
snc/accept_insecure_r3int_rfc 1
snc/accept_insecure_gui 1
snc/accept_insecure_cpic 1
snc/extid_login_rfc 1
snc/extid_login_diag 1
instance profile
snc/enable 1
snc/gssapi_lib /usr/lib64/libgssapi_krb5.so
snc/identity/as p:sapsnc/domainname@DOMAINNAME
Thanks
Amit
- SQL query is not written completely in framework.trc - SDI Smart Data Integration in Technology Q&A
- Coloring a row in a table based on selection (SAC Table CSS) in Technology Q&A
- CDS View Table functions Abap Class consume with parameters in Technology Q&A
- Business Partner: Customer should not update Vendor in Enterprise Resource Planning Q&A
- purchase requisition with release code and (RFQ request) and status 08 release refused in Enterprise Resource Planning Q&A
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.