I'm trying to create limited account with rights to login only to one specified webbassed application.
My example configuration:
W2K8 R2 server with AD DS Role: dc01.example.com
W2K8 R2 server running Tomcat server application: app.example.com
Service running tomcat is named: SRVTomcat@example.com, tomcat is running on port 8081.
I was able to authenticate email@example.com user when account is allowed to logon to dc01 but it's not what i'm trying to achive.
I have also created SPN http/app.example.com:8081, configured app.example.com and SRVTomcat as trusted for delegation to selected services.
What else should I do?
You can try to add a domain user in the security tab of the SRVTomcat account and grant rights to this user. If this does not address the problem,
please let us know more information.
Meanwhile, I suggest you also contact the support of this application.
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.
Would you like to participate?