Gurus,
Love the SSO "Space" here on SCN. I'd like to share something I'm seeing and let you folks tell me what you think!
We have about a 150 folks using the so-called "ICWEB" client...aka Interaction Center webclient .... AKA CRM.
Here's our CRM netweaver stack version and other info:
SAP_BASIS 740 SAPKB74012
SAP_ABA 740 SAPKA74012
Kernel = unicode 7.42v225
OS = AIX 6.1
SP05 for Secure Login Library
All End User PCs have:
Windows7 Enterprise SP01
IE10
32-bit systems
Secure login client 2.0 SP5
SPnego has been configured, and it works great about 99% of the time. By "working great", I mean when the end user accesses our "ICWEB" URL they get in without the need for their SAP CRM password.
Our URL is something like http://SAPwebDispatcher.ourdomain.com:PORT/sap/crm_logon
99% of the time, they get right in to ICWEB and are either prompted to select their business role (if they have more than one) or they get right to the ICWEB interaction center (if they only have one business role). that's what we want!
but the other 1% of the time, the end-users are prompted still for credentials, like so:
When this happens, the only work around that "works" is to go up to the top of the IE window, where you see the "Logon" tab for ICWEB:
Just to the left of "Logon" is the little circular arrow thingee:
And if the users click on that one or two times, we do get past the login screen and am able to get into ICWEB.
This has been very strange. I've seen it before on my PC and a few others have reported it. But it is rare so much that I wouldn't begin to think to open an incident since this cannot be consistently reproduced.
So.....knowing what I have described what do you folks think?
I looked at the latest patches for SP05 and SP06, but the notes for each of those updates don't mention anything like this as being "resolved" in any new patches for SLC.
I look forward to some ideas!
Thanks as always
NICK