Post Go-Live Issues using Kerberos
We went live with 40,000 users using the Kerberos single signon technology about a month back.
Post Go-Live we have been receiving lot of issues from the user side
regarding logging problems. Some of them we could solve by checking the
IE security settings, but most of them still have the problems logging
When investigated we found that users are trying to login to the system from other domains outside the firewall. Things are such that we cannot make any changes in firewall settings.
We wanted to know whether can we have a fallback using the NTLM technology or any other way out for these users.
The other limitation is we have Portal Unix based server (Sun Solaris) which will not support NTLM technology.
Also we are using the ADS for authentication while for getting portal roles we are using microsoft ADAM instance. The ADAM instance does not store user password, thereby the basic authentication fails there itself.
Any suggestions are welcome.
Thanks and Regards,