Widnows 7/2008 R2 SP1 SSO related Hotfixes


Here’s a list of all SSO related hotfixes not available from Microsoft Update. These hotfixes will most likely be integrated in Service Pack 2.

  • An SSO solution that calls the LsaLogonUser function to pass a KERB_TICKET_LOGON structure for Kerberos authentication does not work in Windows 7 SP1 or in Windows Server 2008 R2 SP1
  • Single Sign-On (SSO) feature does not work after you enable the RemoteFX feature in Windows Server 2008 R2
  • InitializeSecurityContext function might not fall back to NTLM authentication in Windows 7 or in Windows Server 2008 R2 when Kerberos fails and has the STATUS_NO_LOGON_SERVERS status
  • You cannot access or mount a Windows Server 2008 R2-based NFS share after a failover if the NFS share uses Krb5 or Krb5i authentication

Important Documentation

  • New resolution for problems with Kerberos authentication when users belong to many groups
  • Authentication failure from non-Windows NTLM or Kerberos servers

Do you think these hotfixes can help with SSO in Openfire/Spark?