1323391 - What are the Microsoft requirements to perform kerberos SSO in multiple AD forests environments with BI

• What are the current Best Practices for multiple forest active directory integration
• I have 2 or more Active Directory Forests and need to configure them for kerberos single sign-on ( spnego )
• I can't map groups from 1 or more active directory domains or forests
• I map in groups but users do not appear
• Users from 1 or more forests or cannot logon via SSO (vintela)
• Important to note: many, are not aware their "other domain" is in another AD forest so the term users in a domain cannot logon, map in, etc
• A good way to tell if another domain is in another forest (typical multiple domains = domain1.xyz.local & domain2.xyz.local) typical multiple forest (domain1.xyz.local domain2.abc.extranet) the root domain is usually different although in some rare circumstances the root domain is the same, and only a tool such a Microsoft Domains and Trusts will reveal the forest relationship

Read more...

• SAP Business Objects Enterprise XI 3.1
• SAP BusinessObjects Business Intelligence Platform 4.0 4.1 4.2 4.x all SP's all patches
• Microsoft Windows 2008 and above

SAP BusinessObjects Business Intelligence platform 4.0 ; SAP BusinessObjects Business Intelligence platform 4.1 ; SAP BusinessObjects Business Intelligence platform 4.2 ; SAP BusinessObjects Business Intelligence platform 4.3 ; SAP BusinessObjects Enterprise XI 3.1

multiple forest issues multi domains zie biauth htkba mkba sign on silent tomcat java XIR4 XIR3 XI 3.x login log in , KBA , biauth , htkba , bpkba , BI-BIP-AUT , Authentication, ActiveDirectory, LDAP, SSO, Vintela , How To