APM - Kerberos SSO Not working

Question

Hi team,&nbsp;
I have configured kerberos SSO for accessing citrix forefront server's . After authentication in F5 getting following error.&nbsp;
Followed the config steps as per page : https://www.f5.com/pdf/deployment-guides/kerberos-constrained-delegation-dg.pdf&nbsp;
err websso.0[20378]: 014d0056:3: /Common/citrix_kerberos_sso:Common:7db4d953:Kerberos: can't get S4U2Self ticket for user bravo@ABC.COM- Server not found in Kerberos database (-1765328377)
err websso.0[20378]: 014d0024:3: /Common/citrix_kerberos_sso:Common:7db4d953: Kerberos: Failed to get ticket for User: 'bravo@ABC.COM' accessing service: 'HTTP/server.abc.com@ABC.COM'
err websso.0[20378]: 014d0048:3: /Common/citrix_kerberos_sso:Common:7db4d953: failure occurred when processing the work item&nbsp;
APM Policy - Logon page -- AD authentication -- SSO mapping -- Allow&nbsp;
Please help me..&nbsp;
Thanks,
Senthil&nbsp;

daniel_varela · Answer

Do you have DNS configured in you big-ip? A simple test is trying to ping abc.com.Check as well in your /etc/krb5.conf if dns_lookup_realm = true and dns_lookup_kdc = true&nbsp;

Forum Discussion

APM - Kerberos SSO Not working

1 Reply

Recent Discussions

Advise on setting up IRULE

google autenticator broken barcode

Port Group on F5OS network setting

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Unwinding the Benefits of Investing in White Label Crypto Wallet

Related Content

Transparent Kerberos Authentication and APM fallback authentication

APM Kerberos Auth or fallback to another authentication method

APM - translating group SIDs extracted from Kerberos token

APM - Software Check Antivirus does not work on Linux platforms

F5 APM-Kerberos -decrypt ticket