SSO Technical Information (on-premises only)
Scaled or clustered environment (Windows only):
If you've scaled or clustered Jedox, some additional configurations must be performed before SSO will work.
The exchange of the kerberos tokens can be disturbed by SPN trust issues. To solve this, use setspn.
Example scenario:
NetBiosName: jedox
Domain: jedox.test
FQDN1: Win1Jedox.jedox.test
FQDN2: Win2Jedox.jedox.test
Once everything is set on the network side (i.e., the servers can communicate with each other), you must adjust the setspn settings of the servers as follows:
Important: Logon as a serviceuser who is available for both servers (i.e., a domain user).
Example: jedoxuser
Enter the following commands:
Important: Use the FQDN, or the communication won't work properly!
setspn -A HTTP/win1jedox.jedox.test jedox\jedoxuser
setspn -A HTTP/win2jedox.jedox.test jedox\jedoxuser
Configure all services (on both server) to run under the service user jedox\jedoxuser.
Updated June 7, 2024