I have an instance of XI R2 deployed on a 2003 platform. It is running the Tomcat/Apache Java version. I use Oracle as my repo and DW.
I have had authentication setup for a long time using the LDAP connection and connecting it to ADAM (Active Directory Application Mode). However, I now would like to try having it directly connect to Active Directory, my domain service. I have configured everything the way it makes sens e and read every related topic in here about it, but I have some problems. As of now, I can log into CMS with one of my AD accounts. However, when I try to log into InfoView, I get the blasted error of SI_KERBEROS.....
I have it configured with the service account, domain, etc all configured correctly. I have a group in AD setup for mapping and it accepts/resolves the group in AD. I want to use NTLM and have it selected, but when I do that I get the error mentioned above. I have also tried the Kerberos way. I selected kerberos, my service account is trusted for delegation, and I put in the SPN for the account in the following format: bobj@mydomain.net.
When I try it that way, I get an error talking about not being able to find my user or not being a part of the mapped group.
In either case, it does not work. I want to move to the IIS/.NET solution, but I am stuck with this thing for a while before I can even begin.
Any ideas?
I have had authentication setup for a long time using the LDAP connection and connecting it to ADAM (Active Directory Application Mode). However, I now would like to try having it directly connect to Active Directory, my domain service. I have configured everything the way it makes sens e and read every related topic in here about it, but I have some problems. As of now, I can log into CMS with one of my AD accounts. However, when I try to log into InfoView, I get the blasted error of SI_KERBEROS.....
I have it configured with the service account, domain, etc all configured correctly. I have a group in AD setup for mapping and it accepts/resolves the group in AD. I want to use NTLM and have it selected, but when I do that I get the error mentioned above. I have also tried the Kerberos way. I selected kerberos, my service account is trusted for delegation, and I put in the SPN for the account in the following format: bobj@mydomain.net.
When I try it that way, I get an error talking about not being able to find my user or not being a part of the mapped group.
In either case, it does not work. I want to move to the IIS/.NET solution, but I am stuck with this thing for a while before I can even begin.
Any ideas?