|juniorra ||02-25-2014 06:33 PM |
SSO - Kerberos - error_code: KDC_ERR_BADOPTION
I am trying to setup SSO Kerberos authentication on BES 5. I have read through the instructions and completed the steps required. When user tired to connect to protected site they get promoted for credentials. I checked the MDAT log and found the following error
<2014-02-25 13:50:42.803 EST>::<MDS-CS_SE100620_MDS-CS_1>:<DEBUG>:<LAYER = SCM, impersonation cannot be done on the host of this url, e=GSSException: Failure unspecified at GSS-API level (Mechanism level: com.dstc.security.kerberos.KerberosError: KDC can't fulfill requested option
Error code: 13
Error message: null
Client name: null
Client realm: null
Client time: null
Server name: HTTP/test.com
Server realm: fake.test.com
I looked at this article KB23457 Browser is prompting for credentials after MDS Connection Service has been configured for Integrated Authentication[/url] Browser is still requesting credentials after MDS Connection Service has been configured for Integrated Authentication, but it did not apply to me as in I have the following option "Trust this user for delegation to any service (Kerberos only)" enabled in AD for the Delegation service account. Can anyone help with identifying what wrong here?
|All times are GMT -5. The time now is 10:48 PM. || |
Powered by vBulletin® Version 3.6.12
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.