Table of Contents
Advertisement
SSO login fails with AD users on Windows 7 and Windows Server 2008 R2.
What should I do to resolve this?
You must enable the encryption types for Windows 7 and Windows Server
2008 R2. To enable the encryption types:
1 Log in as administrator or as a user with adminstrative privilege.
2 Go to Start and run gpedit.msc. The Local Group Policy Editor window is
displayed.
3 Navigate to Local Computer SettingsWindows SettingsSecurity
SettingsLocal PoliciesSecurity Options.
4 Right-click Network Security: Configure encryption types allowed for
kerberos and select Properties.
5 Enable all the options.
6 Click OK. You can now log in to iDRAC using SSO.
Perform the following additional settings for Extended Schema:
1 In the Local Group Policy Editor window, navigate to Local Computer
SettingsWindows SettingsSecurity SettingsLocal Policies
Security Options.
2 Right-click Network Security: Restrict NTLM: Outgoing NTLM traffic
to remote server and select Properties.
3 Select Allow all.
4 Click OK and then close the Local Group Policy Editor window.
5 Go to Start and run cmd. The command prompt window is displayed.
6 Run the command gpupdate /force. The group policies are updated.
Close the command prompt window.
7 Go to Start and run regedit. The Registry Editor window is displayed.
8 Navigate to HKEY_LOCAL_MACHINESystem
CurrentControlSetControlLSA.
9 In the right-pane, right-click and select NewDWORD (32-bit) Value.
10 Name the new key as SuppressExtendedProtection.
11 Right-click SuppressExtendedProtection and click Modify.
12 In the Value data field, type 1 and click OK.
Configuring iDRAC6 for Single Sign-On or Smart Card Login
201
- Quick Links:
- Diagnostic Commands
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
