Skip to Content

Archived discussions are read-only. Learn more about SAP Q&A

SPNEGO wizard is not creating Keberos folder?

Hello,

I'm currently moving an existing system Portal to a new system and setting up SPNEGO using the wizard in the portal. The problem we've identified is that the Keberos folder and krb5.conf files are not being created after following all the steps in the SPNEGO wizard.

So, my questions are:

1) How do the krb5.conf files get created? Do we need to create an LDAP entry in the portal system configuration?

2) How should the Kerberos folder get created?

3) After running the SPNEGO wizard, does the wizard create any directories or entries?

Here are some details:

1) the new server is on Windows 2008, so we've followed the steps in this blog to add the new SPNEGO add-on files.

[SCN NetWeaver Basis Architecture Space] Change AD Users Encryption from DES to RC4 for Portal Kerberos - SPNego

2) The new version of our portal is: 7.02 SP 12

3) we've created a new ADS Service User, SPN and encrypted the keytab with RC4-HMAC-NT (we received errors trying to use RC4-HMAC, had to use RC4-HMAC-NT)


4) we're using this link for the SPNEGO wizard: <host>.<port>/spnego2.cfg


What I'm expecting to happen after I follow all the steps in the SPNEGO wizard, is the creation of the Kerberos folder in this directory path:


D:\user\sap\,SID>\SYS\global\kerberos


Does anyone know why this directory wouldn't be created after using the SPNEGO wizard?


Thanks in advance


Paul




Tags:
Former Member
Former Member replied

Here's what I did to get SSO working on the portal:

- referred to information on this page about creating the krb5.conf files

http://help.sap.com/saphelp_me60/helpdata/en/43/49a321fd975f89e10000000a1553f6/content.htm

- what's important about the krb5.conf files, is to put them in a folder with the java instance number.

- I then continued to configure the AS JAVA properties in the config tool found here.

Configuring AS Java Properties - Configuring Authentication and Single Sign-On - SAP Library

- lastly I ensured that in the SPNEGO wizard, the realm was enabled.

After that, SSO in the portal worked.

0 View this answer in context

Helpful Answer

by
Not what you were looking for? View more on this topic or Ask a question