Thanks for quick answer. Hmm, ntlm_auth is turned off on my Samba4 DC, so I think that Miranda uses GSS-API like Spark othewise Miranda won’t successfully SSO log in.
Let me answer according to your steps:
- That was done ofcourse, I’ve just forgot to mention it
- This step must be for Server and it was done ofcourse, but, as far as I know, it isn’t necessary for clients if there are DNS records configured and not using MIT Kerberos app. However, I did these steps for clients in my long testing weeks without success - trouble still here.
Also if something was wrong with Kerberos there is no way Spark was successfully SSO log in with short values of displayName and sAMAccountName attributes. Here are screenshots of successfull SSO in Spark with domain account test2:
