Openfire SSO Ubuntu guide

To check whether GSSAPI (SSO) works or not, you need to enter this command on your Ubuntu server (point 2.4 from my guide):

kinit -V -k -t /usr/share/openfire/resources/openfire.keytab xmpp/srv-chat.domain.local@DOMAIN.LOCAL

If everything works correctly, a record should appear:
Authenticated to Kerberos v5
Look at my two screenshots from two Openfire servers (first server on Ubuntu 16.04 and second server on Ubuntu 18.04).


Yep, the same here. But Spark can't connect.

Spark config

OK dude, it's working on other OSes like Windows Server and Windows 10, but in Windows 7 it's not working.

My company uses only Windows 10, but we implemented SSO even when we had computers with Windows 7 and Windows 8.1.
Give me time, tomorrow I will install a virtual machine on Windows 7.
By the way, try putting the krb5.conf file in C:\Windows and reboot the computer.
And also make sure that every Windows client has this registry entry from point 4.1, it is very important:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters

Value Name: AllowTGTSessionKey
Value Type: REG_DWORD
Value: 1

hmm, I have SSO running on Windows 7.
And without the krb5.conf file.
I just added a reg entry from point 4.1
Do you use the latest version of Spark 2.8.3?

@ilyaHlevnoy great guide!

for additional references


Yes, I'm using the latest. I have already changed the reg. I will try again.

So, I don't know what's happening: on some Windows 7 machines it's working great, on others not. On some Windows 10 machines it's not working either. Haha

Very strange error. I would try to write on the problem computers and look at which domain the controller is connected to, and also check DNS on the problem computer:
nslookup srvchat.pmns.intranet


Here is mine.

Not getting the domain name.

I don’t know how to solve this problem, but maybe it will help?

Ok solved.

Now, how to deploy the config???

Does it work on all your computers now? Spark Config?

When I solved the nslookup problem, I think it was solved. So I need to deploy to know if it will work.

On all computers I have a policy that adds a Reg entry.

And on all users I add a logon script (.bat).

I took my configuration file and added your server, but you can do it yourself.

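REM Skip if the Spark 2.8.3 SSO config was already deployed for this user
IF EXIST "%AppData%\Spark\sso_enable2.8.3.txt" GOTO END

REM Copy the preconfigured spark.properties from the share into the user's profile
xcopy "\\srv-it\app\Spark2.8.3\spark.properties" "%AppData%\Spark\" /Y
REM Create an empty marker file so the copy runs only once
copy /Y nul "%AppData%\Spark\sso_enable2.8.3.txt"

:END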

spark.properties (1.7 KB)

And here is the script to install Spark on all computers when they are turned on (for 64-bit systems):

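REM Skip if Spark 2.8.3 is already installed (marker file present)
IF EXIST "C:\Program Files (x86)\Spark\spark_2_8.3.txt" GOTO END

REM Stop Spark and remove the old version in unattended mode
taskkill /F /IM Spark.exe
"C:\Program Files (x86)\Spark\uninstall.exe" -q
rmdir "C:\Program Files (x86)\Spark" /s /q
REM Copy the installer to a local folder and run it in unattended mode
IF NOT EXIST c:\drv mkdir c:\drv
xcopy "\\srv-it\app\Spark2.8.3\spark_2_8_3.exe" "C:\drv" /Y
start /wait c:\drv\spark_2_8_3.exe -q
REM Create an empty marker file so the install runs only once
copy /Y nul "C:\Program Files (x86)\Spark\spark_2_8.3.txt"

:END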

And this script is for 32-bit systems:

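REM Skip if Spark 2.8.3 is already installed (marker file present)
IF EXIST "C:\Program Files\Spark\spark_2_8.3.txt" GOTO END

REM Stop Spark and remove the old version in unattended mode
taskkill /F /IM Spark.exe
"C:\Program Files\Spark\uninstall.exe" -q
rmdir "C:\Program Files\Spark" /s /q
REM Copy the installer to a local folder and run it in unattended mode
IF NOT EXIST c:\drv mkdir c:\drv
xcopy "\\srv-it\app\Spark2.8.3\spark_2_8_3.exe" "C:\drv" /Y
start /wait c:\drv\spark_2_8_3.exe -q
REM Create an empty marker file so the install runs only once
copy /Y nul "C:\Program Files\Spark\spark_2_8.3.txt"

:END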

OK, it's one GPO each??

OK, I used your spark.properties, but when will it get the credentials from the username??
When I started Spark my credentials were not there.

If you are an administrator on your computer, then Spark.exe needs to be run with elevated privileges (Run as Admin). If you have the rights of a regular user, then everything will work for you.
This is a longstanding issue of UAC and Java.

Or you can configure this setting on all computers through a GPO.

OK, this config is just to run all applications with elevated rights?

It will not affect installing programs, right??

No, this does not allow the standard user to request administrative rights.
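
The client-side checks suggested across this thread (the point 4.1 registry entry, name resolution of the chat server, the logon domain controller, and the UAC elevation case), gathered into one PowerShell function as an added example that is not part of the original posts. The function name `Test-SparkSsoClient` is hypothetical, and the default host and SPN are placeholders modelled on the kinit command in the first post.

```powershell
# Added example, not from the thread. Defaults are placeholders (assumptions)
# modelled on the kinit command above; pass your own server name and SPN.
function Test-SparkSsoClient {
    param(
        [string]$ChatHost = 'srv-chat.domain.local',
        [string]$Spn      = 'xmpp/srv-chat.domain.local'
    )
    $r = @{}

    # Point 4.1: without AllowTGTSessionKey=1 Windows withholds the TGT
    # session key from Java's Kerberos code, which Spark relies on for SSO.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters'
    $val = (Get-ItemProperty -Path $key -Name AllowTGTSessionKey -ErrorAction SilentlyContinue).AllowTGTSessionKey
    $r.AllowTGTSessionKey = ($val -eq 1)

    # Domain of the logged-on user and the domain controller that served the logon.
    $r.UserDnsDomain = $env:USERDNSDOMAIN
    $r.LogonServer   = $env:LOGONSERVER

    # Name resolution of the chat server. This uses the system resolver, so
    # the hosts file counts too; nslookup queries the DNS server only.
    try   { $r.ResolvedName = [System.Net.Dns]::GetHostEntry($ChatHost).HostName }
    catch { $r.ResolvedName = $null }

    # Ask the KDC for a service ticket, then look for it in the ticket cache.
    klist get $Spn | Out-Null
    $r.ServiceTicket = [bool](klist | Select-String -SimpleMatch $Spn)

    # UAC: a member of local Administrators running non-elevated holds a
    # filtered token, the case where Spark needs "Run as Admin".
    $id        = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal $id
    $elevated  = $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
    $inAdmins  = [bool](whoami /groups /fo csv | Select-String -SimpleMatch 'S-1-5-32-544')
    $r.FilteredAdminToken = ($inAdmins -and -not $elevated)

    New-Object PSObject -Property $r
}

Test-SparkSsoClient | Format-List
```

Run it as the affected user on a problem computer; the function avoids PowerShell 3.0-only syntax so it also runs on the PowerShell 2.0 that ships with Windows 7.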