
Spark SSO works on only one computer after domain rename

Hello, first, English isn't my native tongue, so there will be mistakes and misspellings.

I had working SSO on an AD domain at 2012 R2 level (forest level too) with Openfire 3.8.3 and Spark 2.7.0. Some time ago I renamed the domain (example.local to example.com). I did it from my workstation running win8.1. After the rename I was unable to get the new domain from my workstation, so I rejoined the workstation. As the next step I set up an AD CA with an 8K bit key, set up auto enrollment with ecdsa521/sha512, set up a new Openfire 4.1.1 (not an update, only a new installation), and renewed krb5.ini, the SPN and the keytab file. I successfully logged in to Spark 2.8.3 on my workstation using SSO. All the rest of the workstations cannot log in with either SSO or password. Openfire's log had lines similar to the one below:

2017.02.02 23:28:49 org.jivesoftware.openfire.nio.ConnectionHandler - Closing connection due to exception in session: (0x00000003: nio socket, server, / =>

I decided that there was some problem with the Kerberos ticket, but there wasn't. Any user's account can perform SSO only on my workstation. I rejoined a few more workstations, but it didn't resolve that.

All of my workstations are running win8.1 or w2k12r2. Could the root of the evil be the strong cryptography across the whole domain?


I made a fresh install of win8.1 with a new hostname, and SSO works.