The web blog strives to be a comprehensive guide to SCCD, TADDM, SERVICE NOW and MAXIMO tools. This is a personal site maintained solely by me. I intend to update it regularly.For live updates please follow us on.

SSO Configuration with Maximo

SSO Configuration with Maximo

1. Create TESTUSER in the AD.
2. Map SPN for WAS server to the created TESTUSER using command below.

      setspn -a HTTP/ TESTUSER
3) Generate keytab file using below command.

> ktpass -out keytabfilename.keytab -princ HTTP/ -pass password -ptype KRB5_NT_PRINCIPAL

4) Copy keytabfilename.keytab file to the WAS server and generate Kerberos configuration file using command in wsadmin console.

> $AdminTask createKrbConfigFile {-krbPath c:\ibm\etc\krb5.conf -realm MYDOMAIN.COM -kdcHost -dns -keytabPath c:\ibm\etc\keytabfilename.keytab}

5) Enable Web sphere security - in my case I have already configured web sphere security (Federated Repositories with one AD server used also for configuring SSO)
6) Enable SSO
7) Enable trust association and add property. to the Custom Properties for interceptor.

8) Enable SPNEGO at the JVM level for MXServer i.e. add following properties to the Application Servers->MXServer ->Process Definition ->Java Virtual Machine > Custom Properties: = ALL = ALL = true = c:\ibm\etc\krb5.conf

9) Restart Web sphere.
10. Configure the both browsers to support SSO (Get steps to how to enable browsers for SSO support).