Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

SP Nego not working - NTLM Tokens

Former Member
0 Kudos
224

Hi Experts,

We have configured SP Nego for SSO and it works fine from all machines except the POS clients which runs on OS - Windows XP Professional SP 3.And it doesn't occur all the time but sometimes.

SAP Note 934138 - IE browser sends NTLM token instead of Kerberos) says that only Windows XP SP2 has a microsoft bug

and sends NTLM Token but here we are getting for SP3 as well.

Collected the Web Dialog tool and Yatt tool traces for successful scenarios of otehr PCs and failure cases from POS clients.

From them it is visible that in the POS case the SPNEGO authentication does not succeed because AS Java

had received an NTLM token, whereas in the other machines from Citrix case AS Java had received an SPNEGO token.

The same is confirmed by the YATT traces - in the POS case the value of the "Negotiate" authorization header starts with "TIRM..." and that is the indicator that it is an NTLM token, whereas in the other PCs from citrix case the same value starts with "YII..." which means it is an SPNEGO token.

Now the IE settings are same and as required in both the cases.

Appreciate if anyone can help in finding a solution and letting me know if there is a fix,patch etc available for such scenario.

Thanks

Priya

1 REPLY 1

Former Member
0 Kudos
71

The problem was with the Active Directory Domain Controller.It was identified by MS .Customer's LDAP server was in mixed Environment and for SP Nego authentication to work ,we applied 2 Microsoft patches to the DC and that resolved the issue.

Regards,

Bishnu Priya Sahoo