Hi,
I'm trying to setup a SSO for 2 Domains (different servers & different IP address) in a single livecycle server.
I used SPNEGO in this case and succesfully added both domains as enterprise domain, Kerberos authentication was tested succesfully with SPNEGO enabled.
But SSO only works in the domain the livecycle server resides.
Lets say Livecycle server is in DOMAIN A, all ther users in DOMAIN A can access to livecycle via SSO.
But SSO is not working for users in DOMAIN B.
When refer to the log, the error is:-
None of the available AuthProviders could authenticate the user
I refer back to the guide http://help.adobe.com/en_US/livecycle/9.0/adminHelp/admin.htm?content=000049.html, and notice it stated the following:-
So, this means that it is not possible for another domain to setup SSO?
Any help?
Thanks.
Lionel
Views
Replies
Total Likes
Miss out one thing,
The environment is for Livecycle Rights Management SSO.
Thanks.
Views
Replies
Total Likes
This is following the AD model, without the trust between the two domains
you can't access the cross domain resources. If LC is
associated to Domain A it doesn't have the ability to validate the token.
Views
Replies
Total Likes
Hi Tundra,
If Domain B is a child domain of Domain A and both are in a trust relationship.
E.g:-
Domain A : compdomain.com
Domain B : childA.compdomain.com
Is it workable?
and i found an document http://www.adobe.com/support/livecycle/ts/documents/kb408491/Kerberos.pdf which stated an issue in ES 8.2.1 that kerberos authentication may fail between multiple domain for rights management. Does this apply to LC ES2's rights management?
Thanks for the reply.
Views
Replies
Total Likes