Hi Nick,
The original problem related to clock skews, and it is fixed by changing at OS level. However, before making the change, I deleted and recreated the key tab in SPNEGO transaction. After that, using SEC_TRACE_ANALYZER, I found the following errors:
Image may be NSFW.
Clik here to view.
The SSO for SAP Logon still works so probably only the key tab created in SPNEGO is the root cause. I believe that I should not delete the key tab in the first place, I don't know how to troubleshoot the problem now. The password for service user in SPNEGO transaction is corrected, the service user also has the host name in HTTP service principle name.
Do you have any idea how to solve the problem?
Regards,
Duy
