AD authentication for BI4.0 on NW7.3x portal
Hi Team BI
I have been asked to configure AD authentication, following Steve Fredell's "Configure Active Directory Manual Authentication and SSO for BI4" I could successfully get AD authentication working fine with tomcat
However when I use the same BOE/CMC with imported early into portal I get the error:
Account Information Not Recognized: Active Directory Authentication failed to log you on. Please contact your system administrator to make sure you are a member of a valid mapped group and try again. If you are not a member of the default domain, enter your user name as UserName@DNS_DomainName, and then try again. (FWM 00006)
So tomcat obviously understands the kerberos authentication, I have made sure the same server principle name and AD administrator credentials are the same, is in use by tomcat and portal both use SAPService<SID>
Any tips as to what I need to do to get Windows AD authentication working to BOE/CMC from a NW7.3 portal? Do I need to re-import the BOE deployment?
Well I raised a ticket with SAP Support who responded with a "this is consulting" type answer , but they did provide a unreleased note ("internal") 1852377, which I could follow and get things working without 30 minutes. I was 95% there, just was missing the subnode configuration for the com.businessobjects.security.jgss.initiate policy.
Anyway I wrote a how to blog post on the subject