Hi everybody!
Basic information:
- AD root domain - npomash.dom (2003)
- AD domain - personal.npomash.dom (2003) - all users are here
- KDC - dc3p.personal.npomash.dom (WinSRV 2008 R2 SP2)
- Openfire 3.9.3 server - openfire.personal.npomash.dom (WinSRV 2008 R2 SP2)
- Spark 2.6.3 client - kms.personal.npomash.dom (WinSRV 2008 R2 SP2)
- Database - MS SQL Express 2008 R2 SP2 (hosted on openfire.personal.npomash.dom)
Well, I've set up and configured everything following these guides:
https://igniterealtime.org/builds/openfire/docs/latest/documentation/install-guide.html
https://community.igniterealtime.org/docs/DOC-1060
Also checked several threads such as these:
https://community.igniterealtime.org/thread/35884
https://community.igniterealtime.org/thread/44984
https://community.igniterealtime.org/thread/44740
https://community.igniterealtime.org/thread/26839
And I haven't been able to solve the SSO failure problem for about three days.
I think I've tested every possible combination of options, and still no solution yet.
Here is what's happening on Spark (Raw Received Packets):
<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="openfire.personal.npomash.dom" id="d17b9669" xml:lang="en" version="1.0">
<stream:features><starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"></starttls><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>GSSAPI</mechanism></mechanisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><auth xmlns="http://jabber.org/features/iq-auth"/><register xmlns="http://jabber.org/features/iq-register"/></stream:features>
<proceed xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>
<?xml version='1.0' encoding='UTF-8'?><stream:stream xmlns:stream="http://etherx.jabber.org/streams" xmlns="jabber:client" from="openfire.personal.npomash.dom" id="d17b9669" xml:lang="en" version="1.0">
<stream:features><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>GSSAPI</mechanism></mechanisms><compression xmlns="http://jabber.org/features/compress"><method>zlib</method></compression><auth xmlns="http://jabber.org/features/iq-auth"/><register xmlns="http://jabber.org/features/iq-register"/></stream:features>
<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/></failure>
Info.log entry on Openfire side:
2014.06.18 15:47:03 org.jivesoftware.openfire.net.SASLAuthentication - User Login Failed. Failure to initialize security context
Sorry if I missed something. Any advice or ideas please?
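
A small diagnostic added here as an example (not part of the original post, and not Openfire or Spark code): it parses a raw XMPP stream capture like the one above and reports, per stream restart, which SASL mechanisms the server offered, whether STARTTLS was offered, and the SASL failure condition. The trace in the code is a shortened copy of the packets from the post; the function name `summarize` and the dictionary keys are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
TLS = "urn:ietf:params:xml:ns:xmpp-tls"

# Shortened copy of the packets in the post (compression, iq-auth and
# register features left out); the stream is restarted after <proceed/>.
HEADER = (
    "<?xml version='1.0' encoding='UTF-8'?>"
    '<stream:stream xmlns:stream="http://etherx.jabber.org/streams" '
    'xmlns="jabber:client" from="openfire.personal.npomash.dom" '
    'id="d17b9669" xml:lang="en" version="1.0">'
)
MECHS = f'<mechanisms xmlns="{SASL}"><mechanism>GSSAPI</mechanism></mechanisms>'
TRACE = (
    HEADER
    + f'<stream:features><starttls xmlns="{TLS}"></starttls>{MECHS}</stream:features>'
    + f'<proceed xmlns="{TLS}"/>'
    + HEADER
    + f"<stream:features>{MECHS}</stream:features>"
    + f'<failure xmlns="{SASL}"><not-authorized/></failure>'
)


def summarize(trace):
    """Return one dict per stream (re)start found in a raw XMPP capture."""
    if "<!DOCTYPE" in trace.upper():  # XMPP forbids DTDs; refuse entity tricks
        raise ValueError("DTD found in trace")
    phases, encrypted = [], False
    for segment in re.split(r"<\?xml[^>]*\?>", trace):
        if not segment.strip():
            continue
        # The capture never closes <stream:stream>; close it so it parses.
        root = ET.fromstring(segment + "</stream:stream>")
        failure = root.find(f"{{{SASL}}}failure")
        phase = {
            "encrypted": encrypted,
            "starttls_offered": root.find(f".//{{{TLS}}}starttls") is not None,
            "mechanisms": [m.text for m in root.iter(f"{{{SASL}}}mechanism")],
            "failure": failure[0].tag.split("}")[-1]
            if failure is not None and len(failure) else None,
        }
        phases.append(phase)
        # After <proceed/> the client negotiates TLS and restarts the stream.
        encrypted = encrypted or root.find(f"{{{TLS}}}proceed") is not None
    return phases


if __name__ == "__main__":
    for number, phase in enumerate(summarize(TRACE), 1):
        print(number, phase)
```

On this capture the summary shows GSSAPI as the only mechanism offered both before and after TLS, with `not-authorized` returned on the encrypted stream, which is consistent with the server-side "Failure to initialize security context" entry.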