SSO Issues (WinSrv2016/Win10Ent w/ Openfire 4.1.0 & Spark 2.8.2)

Derek_Price · December 27, 2016, 3:09pm

I am having a bear of a time getting this to work. I keep ending up with “Spark is unable to find the principal to use for Single Sign-On. This will prevent SSO from working.”

I really am at a loss as to what I am doing wrong.

I have tried to sanitze my log files as follows:
‘app’ = Openfire Server

‘kdc’ = PDC

‘realm.com’ = mydomain.com

‘REALM.COM’ = MYDOMAIN.COM

I know the answer is here, and I know someone with more experience will see it. I’m perfectly happy to look foolish, but I need help.
warn.log_wrk.txt.zip (1027 Bytes)
SSO.txt.zip (270 Bytes)
Openfire.xml.txt.zip (1439 Bytes)
krb5_srv.txt.zip (312 Bytes)
gss.conf.txt.zip (348 Bytes)

speedy · December 27, 2016, 4:02pm

first part of the error is that spark is unable to verify the openfire certificate. Please disable certificate hostname verification from the advance menu, and try again.

Derek_Price · December 27, 2016, 4:31pm

No joy.

Same error on Spark. Account = Unable to determine.

speedy · December 27, 2016, 4:58pm

unable to determine from the client is usually a few things. UAC issue or the registery change to allow tgtsessionkey has not been added. If the key has been added, than try running spark “as administrator”