To Use the Windows Desktop SSO Authentication
Module with a Load Balancer
All OpenSSO Enterprise authentication modules, including the Windows Desktop SSO Authentication module, can be accessed through a load balancer. The Windows Desktop SSO Authentication module requires some special configuration.
-
Create an Active Directory domain account in Windows 2003 or in the Kerberos service principal.
-
When you generate the keytab file for he Windows Desktop SSO Authentication, you have to specify the load balancer FQDN.
Example: HTTP://opensso-lb.example.com. If you don't specify the fully-qualified domain name, authentication will fail.
-
Copy the keytab file to all OpenSSO Enterprise servers, and put place in under the same directory in each server.
Example location: /etc/ SUNWam/config.
-
Create a new Windows Desktop SSO Authentication module and Configure it with the newly copied keytab file.
-
Restart all the OpenSSO Enterprise servers and test the new module through the load balancer.
- © 2010, Oracle Corporation and/or its affiliates