SSO on 2k3 Terminal Server

Ok, I have an AD setup using SSO for all machines and an auto install using group policy. Everything works flawlessly. We have several people that work outside the building and log into our terminal server to do their work. Today I installed Spark like I always do on the Terminal Server and for some reason the SSO will not work on the terminal server. When I start Spark I get the message “Unable to connect using Single Sign on. Check your principal or server settings”. When I check the Spark logs in my user folder I see the following in the warning logs:

“Aug 11, 2008 11:37:36 AM org.jivesoftware.spark.util.log.Log warning
WARNING: Exception in Login:
not-authorized(401)
at org.jivesoftware.smack.NonSASLAuthentication.authenticate(NonSASLAuthentication .java:94)
at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 227)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:341)
at org.jivesoftware.LoginDialog$LoginPanel.login(LoginDialog.java:828)
at org.jivesoftware.LoginDialog$LoginPanel.access$400(LoginDialog.java:196)
at org.jivesoftware.LoginDialog$LoginPanel$1.construct(LoginDialog.java:594)
at org.jivesoftware.spark.util.SwingWorker$2.run(SwingWorker.java:129)
at java.lang.Thread.run(Unknown Source)”

Any ideas?

You have entered all SSO required files on the Terminal server, krb5.ini and registry edits?

Yes, I put the krb5.ini in the Windows folder, and the registry edits are part of the install as I built my own custom .msi installer.

After carefully checking everything it seems that when I made my installer I didn’t include the win2003 registry edits because I built the .msi on an XP machine. Anyway, the problem was that the terminal server needed the registry edit - now everything works. Thanks so much for taking the time to reply.

You are welcome. Yeah server needs different registry settings from XP to work. Good catch.