Dear Experts,
I am trying to set up SSO with XI 3.1 and WinAD. WinAD authentification already works properly for web and full clients, but I am stuck with an ktpass error.
The manuals I follow are Tim Ziembas “Configuring Vintela SSO” and the one from Geek2Live.net.
The ktpass command I send on the AD server is:
ktpass -out c:\BOSSO.keytab -princ BOSSO/serviceaccount.mydomain.com@MYDOMAIN.COM -mapuser
serviceaccount@MYDOMAIN.COM -pass myPassword -kvno 255 -ptype KRB5_NT_PRINCIPAL -crypto DES-CBC-MD5(I used DES encryption because the domain controller just runs a JDK 1.4.2)
The error I get is indicating that there is a problem resolving the user, the output is:
Seems like ktpass is not able resolve the users distinguished name - the ktpass syntax seems ok, as I used the same one in another test environment, where it worked fine.
Does anyone has an idea how to approach this problem? Any help is appreciated!
Thanks & kind regards,
b.
bastula 
(BOB member since 2008-09-22)