Sandra, What you need to achieve is Integrated Windows Authentication. What BMC are proposing is deploying part of the protocol, so you're bound to find instances where it doesn't work. Microsoft have tried going "Kerberos only" and couldn't make it work; there's some documentation on their website suggesting an "Impact assessment" is carried out before moving to Kerberos only.
In any corporate network, you need Kerberos+NTLMv2+NegotiateExtensions+etc. There's a video on the BMC communities forum recorded by a BMC AtriumSSO engineer stating that "it will work 80% of the time" - a glowing endorsement :-) The problem faced by BMC is the OpenSSO/AM product that has been re-badged to AtriumSSO does not provide IWA, so you don't get it for free. John -- JSS SSO Plugin for BMC ITSM, ITBM, Analytics, Kinetic, and more. _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
