Implementation of SSO in SAP-Active Directory
Vineet Arora
VineetA at microland.net
Thu May 11 07:18:21 EDT 2006
Hi All,
I am trying to implement SSO for SAP and Active Directory. SAP system is
running on AIX 5.2. I am geeting the following error when comiling SNC
Adapter.
------------------------------------------------
bash-3.00# make
./build."`uname -s`" make do-all
xlc -z -qlanglvl=ansi -qarch=com -qspill=1024 -qinfo -c snckrb5.c
/usr/bin/sh: xlc: not found.
make: 1254-004 The error code from the last command is 127.
Stop.
make: 1254-004 The error code from the last command is 2.
------------------------------------------------------------
I am following the "little how-to" from Calin to achieve the SSO. I have
completed the following steps till now.
1. Created a service account in Active Directory
2. Exported the Keytab for this account
3. Installed the Kerberos ( Kerberos 1.3.4) on AIX server .
4. Configured the krb.conf file.
After installing Kerberos, I was not able to find the kb5.conf file in /etc
diretory. So I have written one . The content of krb5.conf are:
-------------------------------------------------------------
[libdefaults]
default_realm = TESTLAB.COM
[realms]
TESTLAB.COM = {
admin_server = testsetup22.testlab.com:749
kdc = testsetup22.testlab.com:88
default_domain = testlab.com
}
[domain_realm]
sap.testlab.com = TESTLAB.COM
.sap.testlab.com = TESTLAB.COM
testlab.com = TESTLAB.COM
.testlab.com = TESTLAB.COM
-----------------------------------------------------------------
The value "sap" specified in the [Domain_realm] section of krb.conf is the
name of OU created for SAP users in Active DIrectory.
Please help me to move forward. I will be highly obliged.
Warm Regards,
Vineet Arora
The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, re-transmission, dissemination or other use of or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you received
this in error, please contact the sender and delete the material from your
computer. Microland takes all reasonable steps to ensure that its electronic
communications are free from viruses. However, given Internet accessibility,
the Company cannot accept liability for any virus introduced by this e-mail
or any attachment and you are advised to use up-to-date virus checking
software.
More information about the Kerberos
mailing list