Forum Discussion
Bill_Kehn_27007
Nimbostratus
NimbostratusKerberos SSO to IIS Web Application
We are trying to implement a clientless solution in which a user which is part of the domain, and accessing a web application from a machine in the same domain, would automatically be authenticated w...
I would suggest that you do a packet capture and look if the client is fetching a kerberos token and presents it to the APM
Bill_Kehn_27007Nimbostratus
NimbostratusDoes the user logon name in AD need to match the reverse DNS of the target IIS pool member?
In other words I have this for the logon name:
My forward and reverse DNS of the pool member IIS server is this:
192.168.210.55 is my pool member of the virtual server.
And my SSO configuration on the F5 reflects this user logon account:
The APM log for sso always shows this:
I do not know why it keeps saying matching credential not found here.
Oh, and if I go against the URL of the internal server directly from a domain machine it does automatically log me on and connect me so I think the IIS side is ok.
-Bill