Forum Discussion
NimbostratusMultiple Windows Authentication Prompts after F5 Authentication
CirrostratusThanks @Kevin,
After what you just said I tested something, just to see if it would work.
-
Reference:
- APM Portal Access (
- SSRS VIP ( (accessed by https://apm.domain.com/f5-w-687474703A2F2F737372732E6578616D706C652E636F6D$$/)
- Pool Members (
With the SSO profile set to the default SPN, APM tries to feth S4UProxy ticket for the user and server = http/ssrs.example.com@INTERNAL.LOCAL and I never see the
S4U ======> OK!However, if I update the SPN to user one of the servers instead (http/server1.internal.local) then it works and I see everything inspect in the logs. This seems to work on any of the pool members (not just server1).
So for some reason using ssrs.example.com doesn't work, but manually specifying an spn for one of the servers does... Does that make any sense to you? Trying to figure out why it would fail. (The service account running SSRS has the SPN associated with it for HTTP/ssrs.example.com and HTTP/server1.example.com and the other pool members). Does that account need Delegation specified on it?
Thanks for you help!
