Hello Gurus,
We have successfully configured the Single Sign on (SSO) on our Development and Quality systems using kerberos. These two systems are central systems(No application server attached it.). We have tested the functionality and is working fine.
Now we have to configure the same setup in Production system where it has an application server which also works as fail-over node. How do I do here? Could someone of you confirm on the below points.
1) Do I need to Install the kerberos on both Central Instance and Dialogue Instance.?
2) Do I need to generated 2 separate keytabs in AD for CI and DI?
3) Do I have to set the SPN 2 times (CI & DI) for the same user id?
3) Do I need to maintain the SNC parameters in Instance profile of both CI and DI?
4) I have a logon group created and assigned to both CI and DI. In normal case the load balancing happens. What all the changes that I need to in saplogon.ini do if I have to have the same load balancing mechanism even after implementing SSO?
Please clarify them in detail. I would really much appreciate all your help.
Thanks,
Nick S