cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SSO and kerberos for another clients on the same server

romeldavid_rodriguezdelac
Explorer

on ‎07-22-2016 7:09 PM

0 Kudos

Hello Expert

We want to enable SSO with Kerberos in our AD domain

I already made some test and they work fine, but, I have this questions:

1.- should all user have the canonical name mapped? Because if the server has the snc setting users without canonical name mapped cannot logon to the SAP server

2.- Can I logon in another client (such as 000) if the server has the SNC Settings enable?

3.- what happen with the default users, such as sap* or DDIC?

I am using just the snc settings with AD

The PC users has the SAPSSO.msi installed

Thank you in advance

Romel D.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

donka_dimitrova
Contributor
‎07-28-2016 8:21 AM
0 Kudos

Hello Romel,

See the SAP Note: https://launchpad.support.sap.com/#/notes/352295


If you need only to encrypt the communication between the client and the server using a Kerberos token, when you use the CommonCryptoLib (SAP Single Sign-On) for this encryption the configuration of the SNC users is not necessary. See more details here: https://launchpad.support.sap.com/#/notes/2338174 in Secure Login Client and CommonCryptoLib part

Regards,

Donka Dimitrova

Show replies
Show replies
romeldavid_rodriguezdelac
Explorer
‎08-04-2016 4:39 PM
0 Kudos

Hello Donka

Thank you for answer, I already checked the note, and in my test system worked.

But if I enable snc communication I can not log to the system with de sap*?

and what happen with the 000 client? Do I have to map users to AD since this is not a productive client?

Best regards

romeldavid_rodriguezdelac
Explorer
‎07-27-2016 11:12 PM
0 Kudos

someone?

Show replies
Show replies
Ask a Question