SSO with Kerberos on SAP AIX
Vineet Arora
VineetA at microland.net
Wed Mar 22 02:00:32 EST 2006
Hi,
Thanks for your prompt response. We are trying to implement SSO between SAP
R/3 system running on AIX and Microsoft Active Directory Services.
There is a straightforward process to achieve the same if SAP system is
running on Windows.
The steps are:
1. Copy the "gsskrb5.dll" to "%windir%\system32" directory
2. Set the SNC parameters in central instance to point to above library.
3. MAP the sap users to Windows using "user maintenance" in Sap.
4. Configure the Sap front-end to use Kerberos.
Unfortunately, I do not have any expertise on AIX. Just want to confirm that
I have to follow the same process on AIX and using "libgssapi_krb5.so"
instead of the DLL file.
Is it required to do anything else on SNC part other then setting the SNC
parameters in central instance. We are using AIX 5.3 - 64 bit system.
Is there any standardized document that detail out the steps for SSO between
SAP R/3 on AIX and Active Directory.
Thanks once again for your help.
Warm Regards,
Vineet Arora
-----Original Message-----
From: Paul B. Hill [mailto:pbh at MIT.EDU]
Sent: Tuesday, March 21, 2006 10:09 PM
To: 'Vineet Arora'; kerberos at mit.edu
Subject: RE: SSO with Kerberos on SAP AIX
Hi,
For queries like this SAP employees recommend mailing
<security-consulting at sap.com> to get in contact with an appropriate SAP
consultant.
Paul
-----Original Message-----
From: kerberos-bounces at MIT.EDU [mailto:kerberos-bounces at MIT.EDU] On Behalf
Of Vineet Arora
Sent: Tuesday, March 21, 2006 7:45 AM
To: kerberos at mit.edu
Subject: SSO with Kerberos on SAP AIX
Hi,
I am trying to implement SSO with Kerberos on a SAP system running on AIX.
I'll be highly obliged if you can help me in the same.
I was wondering if you could guide me towards a process or document to
achieve the SSO that includes installation of shared library
"libgssapi_krb5.so" and configuration of SNC adapter on the SAP system.
Thanks in advance.
Warm Regards,
Vineet Arora
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, re-transmission, dissemination or other use of or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from your
computer. Microland takes all reasonable steps to ensure that its electronic
communications are free from viruses. However, given Internet accessibility,
the Company cannot accept liability for any virus introduced by this e-mail
or any attachment and you are advised to use up-to-date virus checking
software.
________________________________________________
Kerberos mailing list Kerberos at mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, re-transmission, dissemination or other use of or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from your
computer. Microland takes all reasonable steps to ensure that its electronic
communications are free from viruses. However, given Internet accessibility,
the Company cannot accept liability for any virus introduced by this e-mail
or any attachment and you are advised to use up-to-date virus checking
software.
More information about the Kerberos
mailing list