Single Sign-On Authentication Failure (Incorrect Mechanism)

Log file message:

(Single Sign-On) Client attempted NTLM authentication; single sign-on authentication supports only Kerberos V5 authentication. Refer to single sign-on documentation for resolution.

(Single Sign-On) Failed authentication because of an invalid client token. Refer to single sign-on documentation for resolution.

Cause 1

The service principal name (SPN) is missing.

Resolution 1

See Updating the Windows Domain Configuration for information on how to create and register a service principal name (SPN).

Cause 2

The client is not using a supported web browser, or is using an incorrectly configured web browser.

Resolution 2

See Updating the Web Browser Configuration for information on supported browsers and on how to update web browser configurations.