Symptom
- BI Launchpad logon page is reached instead of being automatically logged in (SSO fails)
- Tomcat or vintela logs could show the following type of error message: (NOTE: Key Type 18 is for AES)
[DEBUG] xxxxxxxxx jcsi.kerberos: Could not decrypt service ticket with Key type 18, KVNO 8, Principal "xxxxxxxxx" using key:
Principal: [1] xxxxxxxxxx
TimeStamp: xxxxxxxxx
KVNO: -1
EncType: 18
Key: 32 bytes, fingerprint = [4e 46 a8 80 7c 15 15 5b f1 b1 65 9e 1c c8 a9 8]
Exception for this key was: com.dstc.security.kerberos.CryptoException: Integrity check failure[Note: principal names are different; this may or may not be a problem]
[Note: KVNO used wildcard match, not exact match; perhaps the password used to generate this key is not the most recent password?]
- Another error that could be observed in the tomcat std.err
com.crystaldecisions.sdk.exception.SDKException$InvalidArg: The argument has an invalid value null (FWM 02024)
Read more...
Environment
- Windows Server Operating System
- SAP BusinessObjects Business Intelligence Platform 4.x
Product
Keywords
AES,RC4,encryption,htkba biauth windows ad, ActiveDirectory, WinAD, secWinAD, krb5, krb5.ini, global.properties, idm.princ, case-sensitive, casing sensitive, aes, aes-encryption, encryption, sso failing, failed sso, single-sign-on, single sign-on, single signon, manual authenticaiton, automatic authentication, automatic sso, service acount, domain, realm, bi4, bi 4.x, bobj, 4.1, 4.2, 4.3, 4.0, auth , KBA , BI-BIP-AUT , Authentication, ActiveDirectory, LDAP, SSO, Vintela , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.