SSO Technical Information (on-premises only)

Scaled or clustered environment (Windows only):

If you've scaled or clustered Jedox, some additional configurations must be performed before SSO will work.

The exchange of the kerberos tokens can be disturbed by SPN trust issues. To solve this, use setspn.

Example scenario:

NetBiosName: jedox
Domain: jedox.test

FQDN1: Win1Jedox.jedox.test
FQDN2: Win2Jedox.jedox.test

Once everything is set on the network side (i.e., the servers can communicate with each other), you must adjust the setspn settings of the servers as follows:

Important: Logon as a serviceuser who is available for both servers (i.e., a domain user).

Example: jedoxuser

Enter the following commands:
Important: Use the FQDN, or the communication won't work properly!

Copy
setspn -A HTTP/win1jedox.jedox.test jedox\jedoxuser
setspn -A HTTP/win2jedox.jedox.test jedox\jedoxuser

Configure all services (on both server) to run under the service user jedox\jedoxuser.

Updated June 7, 2024