[prev in list] [next in list] [prev in thread] [next in thread]
List: forgerock-openam
Subject: Re: [OpenAM] Auth chain using WDSSO
From: Bernhard Thalmayr <bernhard.thalmayr () painstakingminds ! com>
Date: 2017-07-04 6:39:31
Message-ID: 528e3d13-6a77-b6f8-bed2-727a7224f3f3 () painstakingminds ! com
[Download RAW message or body]
If NTLM is chosen on the browser side, it's totally unrelated to OpenAM.
Either it's related to browser / ADFS / KDC / DNS configuration.
-Bernhard
Am 30/06/17 um 18:16 schrieb Cyril Grosjean:
>
> There're possibly other reasons where NTLM is chosen, basically when one
> of the conditions for Kerberos mentioned in Simon's article is not met:
>
> - since you created the keytab file, did the UPN changed or did you add
> other SPN's to the same UPN ?
>
> - do you have an 'A' type of record in your DNS ?
>
>
> _______________________________________________
> Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
> OpenAM mailing list
> OpenAM@forgerock.org
> https://lists.forgerock.org/mailman/listinfo/openam
>
--
Painstaking Minds
IT-Consulting Bernhard Thalmayr
Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
Tel: +49 (0)8062 7769174
Mobile: +49 (0)176 55060699
bernhard.thalmayr@painstakingminds.com - Solution Architect
http://www.xing.com/profile/Bernhard_Thalmayr
http://de.linkedin.com/in/bernhardthalmayr
This e-mail may contain confidential and/or privileged information.If
you are not the intended recipient (or have received this email in
error) please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
OpenAM@forgerock.org
https://lists.forgerock.org/mailman/listinfo/openam
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic