Total newb here with Openfire and Spark. I’m not even sure which forum to place this in. I have come across numerous setups on here and the internet on getting SSO to work. I am totally clueless where to even start. My environment is a mixed 2003/2008 Windows Server domain and mainly Windows 7 on the desktops. One of the articles I’ve found, "Openfire+Spark on Windows Server 2008 R2 with SSO", seems like what I need with some tweaking. I am not even sure where to start with this document. Do I start on my Windows Server domain controller or on the Openfire application server? I actually thought when I set up Openfire using LDAP that it would automatically sign in users? I doubt it can be any simpler, but does anyone have some good step-by-step instructions that would make sense to me? Thanks in advance for the help!
Without SSO, and with LDAP/AD, your users can sign in manually using their network username and password. SSO basically makes this easier, as it reads the username and password from the Kerberos session key, and automatically signs in the user.
Once you have Openfire installed and LDAP connected, if you want SSO, you can try the above guide. The same author updated his guide here: "28 Steps to Single Sign On for Openfire XMPP Server on Windows Server 2012 R2 with Spark".
In a 2003 forest domain level, his guide should work well for you.
A quick guide I threw together is here, but geared towards 2008 and above forest/domain levels.
Thanks for the quick reply! I’m stuck on the first command lol… I used this link, "28 Steps to Single Sign On for Openfire XMPP Server on Windows Server 2012 R2 with Spark", and I’m entering in setspn -U -S XMPP/computername.mydomain myaccount and it’s telling me that -S is an unknown parameter. Am I supposed to be putting in the XMPP?
That change in the syntax you mentioned worked. Everything was going well until the end. Keep in mind I already had my Openfire installation working. I am now not able to log in with the Openfire account I created. Thoughts? Do I need to go through the whole install again? I’m hoping not, because I would hate to lose my configuration…
Ok, set 19 to true for debugging for now. Same issue when trying to log in. Could it be related to Java? The server has 8u73 and my workstation has 8u51. I can PM you my server properties if needed?
There’s an output log that got created just now after I ran it as admin. See below…
Debug is true storeKey false useTicketCache true useKeyTab false doNotPrompt true ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is true principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Refreshing Kerberos configuration
Acquire TGT from Cache
Principal is myemail account
Commit Succeeded
Debug is true storeKey false useTicketCache true useKeyTab false doNotPrompt true ticketCache is null isInitiator true KeyTab is null refreshKrb5Config is true principal is null tryFirstPass is false useFirstPass is false storePass is false clearPass is false
Refreshing Kerberos configuration
Acquire TGT from Cache
Principal is myemail account
Commit Succeeded
Hi again, I’m back! lol Ok Speedy, with your help I got the SSO part working great! Using my deployment software I am able to silently push out Spark and the spark.properties file. I followed these steps I found somewhere on the net, but when I deploy it on a user’s computer and they start Spark it just comes up with username blank and an SSO error. Any thoughts on what might be wrong? I didn’t try rebooting the computer yet.
username [Remove the saved username so it reads username=]
server [Fill in your server address if it is not already populated]
Oh yeah, that’s right! Forgot about registry changes… I used my spark.properties file and just cleared out those other settings. I’ll try the registry settings next. Thanks
I would like to thank Speedy again for helping me out on this. There are many correct answers in this thread so it was tough for me to choose just one. Thanks again… it’s working perfectly!!