Hello @heidelberger after have more servers in the mix and configure sso, i’m having two issues:
Windows 10 client
- all the servers have valid certificate (the univention root is in store via gpo), only can’t sso in the master server
- Master server show invalid certificate, but is the same certificate, sso only not work in the master server
Other thing that i notice, if i login and open chrome (run each one of the servers, less the master) and try the sso, it works ok, then if open internet explorer the sso doesn’t work anymore i any of the servers.
After reboot, start with internet explorer, every every sso works, then try in chrome and doesn’t work. Don’t know if is an expected behaviour…
In the Master server apache error log, I get this error when try the sso
[Fri Nov 09 12:58:52.981170 2018] [autoindex:error] [pid 627] [client 192.168.1.94:51846] AH01276: Cannot serve directory /var/www/univention/js/umc/: No matching DirectoryIndex (index.html,index.cgi,index.pl,index.php,index.xhtml,index.htm) found, and server-generated directory index forbidden by Options directive, referer: https://MASTERSRV.ccm.local/univention/login/?location=%2Funivention%2Fportal%2F&lang=en-US
SSO never works in main server (main domain controller)
Any suggestion how to troubleshoot this?