cancel
Showing results for 
Search instead for 
Did you mean: 

SSO implementation in parent-child domain landscape

0 Kudos
140

Hello experts,

We are planning to implement SSO in our landscape for AS ABAP systems. Below is the structural diagram of our landscape.

AS ABAP system resides in child domain A.

We are trying to implement SSO using NTLM method on sandbox. Please let us know what should be the value of parameter 'snc/identity/as' if anyone is aware of this.

We are aware that this method is very old and not used now a days.Also let us know what should be the approach to implement SSO in our scenario using other methods also. It would be great if method does not require licensing.

Accepted Solutions (0)

Answers (2)

Answers (2)

donka_dimitrova
Contributor
0 Kudos

Hello Ketan,

Regarding the multi domain environment, you can check my blog Kerberos/SPNEGO for SAP AS ABAP in a Multi Domain Environment.

Regards,

Donka Dimitrova

donka_dimitrova
Contributor
0 Kudos

Hello Ketan,

Microsoft's NTLM SSP does not provide you with the full SNC protection capabilities. To enable data integrity and privacy protection with NTLM, you need to use an additional security product, for example SAP Single Sign-On. We recommend that you use Kerberos for SAP GUI Authentication for system environments consisting of Microsoft Windows 2000 and higher.


Please, also consider the fact that Microsoft also recommend to implement Kerberos instead of NTLM:

"The Microsoft Kerberos security package adds greater security than NTLM to systems on a network. " See the statement here: Microsoft NTLM (Windows)


Regards,

Donka Dimitrova