So I have Openfire working with Spark and active directory integration. All users can login fine and they get a couple of propogated groups.
I’ve followed the SSO documentation but SSO doesn’t appear to be working. I’ve double/triple checked all the settings. I don’t see any typos.
I think the problem may be during the keytab generation/prinicipal/server mapping. I get some strange output during that phase of the setup.
2 warnings:
WARNING: Unable to SPN mapping data.
WARNING: PType and account type do not match. This might cause problems.
They keytab outputs fine though.
When I turn on Spark debugging it’s using IQ Auth.
<iq id=“NJn0n-1” to=“sfo2jabber/6986782a” type=“error”>
<query xmlns=“jabber:iq:auth”>
<username>test1</username>
<password/>
<resource>spark</resource>
</query>
<error code=“401” type=“AUTH”>
<not-authorized xmlns=“urn:ietf:params:xml:ns:xmpp-stanzas”/>
</error>
</iq>
Any thoughts for how to track this down? Thanks in advance for your help.