SSO with UCS & Kopano


I have installed the AD compatible domain controller. My computer could become a member of the domain.

But if I start the DeskApp and activate the logon with the Windows logon data there (use system logon data) I get an error.

“Single Sign On is not supported by the webserver. Please enter your username and password.”

I’ve been searching the web for hours now. I find a lot of basic information about LDAP, but no indication as to whether or how I can activate it in UCS.

Translated with


hi @bitboy0,

your webserver would need to have been configured to support login via Kerberos. This is explained in (and the chapters leading to it).


I installed libapache2-mod-auth-kerb

then I enter

chmod 400 /etc/httpd/keytab.apache
chown apache:apache /etc/httpd/keytab.apache

but there is no file like /etc/httpd/keytab.apache
and there is no user like “apache” … so I failed

Is there anything to do before that steps?
I’m not really Linux expert … I use the vmware-virtual machine as provided by UCS. So it is DEBIAN


The manual is not really meant as a copy & paste howto, so you’d still need to adapt paths (and if you scroll up in the documents it tells you how to generate the keytab.apache file).


Just to understand: Do I have to create the keytab.apache on a Windows machine? I don’t have a Windows server anymore. Otherwise I can only use a Windows10 client.


No, this is generally also possible on a Linux machine (for example directly in the Univention host). see