Friday, January 27, 2012
Internet Explorer 8 and Windows 7 with SAP NetWeaver
We recently had a problem with our SAP portal where single sign-on (SSO) wouldn't work with the new Windows 7 clients we were deploying. Windows Vista with IE 7 would work fine, but Windows 7, which has Internet Explorer 8, wouldn't work with single sign-on.
After a bit of troubleshooting we were able to narrow the problem down to authentication types. This blog post was particularly useful in helping us troubleshoot: http://blogs.technet.com/b/instan/archive/2009/10/12/changes-in-default-encryption-type-for-kerberos-pre-authentication-on-vista-and-windows-7-clients-cause-security-audit-events-675-and-680-on-windows-server-2003-dc-s.aspx
To fix this we had to change a group policy. Changing the policy under Local Computer Policy / Computer Configuration / Windows Settings / Security Settings / Local Policies / Security Options / Network security: Configure encryption types allowed for Kerberos should fix your problem.
We had to tick all of the boxes, as Windows 7 uses AES256, our domain (at 2003 level) uses RC4, and it seems that NetWeaver needs DES_CBC_CRC and DES_CBC_MD5 to work.
Make sure you try logging off and back on, as well as a full restart, when testing this. That was how we found that ticking just the DES options prevented us from logging back on after a restart.
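To check which encryption types a client actually ends up with after the policy is applied, the value behind those tick boxes can be read and decoded. This is an added example, not part of the original post: it assumes the policy is stored as the SupportedEncryptionTypes DWORD under the Kerberos\Parameters policy key, and the function name Get-KerberosEtypeReport is made up for illustration.

```powershell
# Added example: decode the bitmask behind the policy
# "Network security: Configure encryption types allowed for Kerberos".
$EtypeBits = [ordered]@{
    'DES_CBC_CRC'             = 0x1
    'DES_CBC_MD5'             = 0x2
    'RC4_HMAC_MD5'            = 0x4
    'AES128_HMAC_SHA1'        = 0x8
    'AES256_HMAC_SHA1'        = 0x10
    'Future encryption types' = 0x7FFFFFE0
}

# Hypothetical helper: reports which boxes a given mask corresponds to.
function Get-KerberosEtypeReport {
    param([Parameter(Mandatory)][int]$Mask)

    $enabled = @($EtypeBits.Keys | Where-Object { ($Mask -band $EtypeBits[$_]) -ne 0 })
    $desOn   = ($Mask -band 0x3)  -ne 0   # either DES box ticked
    $nonDes  = ($Mask -band 0x1C) -ne 0   # RC4 or AES ticked
    [pscustomobject]@{
        Mask       = '0x{0:X}' -f $Mask
        Enabled    = $enabled -join ', '
        DesEnabled = $desOn
        # DES only: the state the post found blocked logon after a restart
        DesOnly    = $desOn -and -not $nonDes
    }
}

# Assumed storage location of the policy value (effective setting on this client).
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters'
$val = (Get-ItemProperty -Path $key -Name SupportedEncryptionTypes -ErrorAction SilentlyContinue).SupportedEncryptionTypes

if ($null -ne $val) {
    Get-KerberosEtypeReport -Mask $val
} else {
    Write-Host 'Policy not configured here; decoding constructed sample values instead.'
    # Constructed samples: DES boxes only, and every box ticked
    0x3, 0x7FFFFFFF | ForEach-Object { Get-KerberosEtypeReport -Mask $_ }
}
```

A DesOnly result of True matches the configuration that locked us out after a restart; DesEnabled shows whether the DES types NetWeaver appeared to need are present on the client.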
Can you please help to locate
local computer policy / computer configuration / windows settings / security settings / local policies / security options / network security:
You need to use the local group policy editor. Press the Windows button and R at the same time to start the Run dialog box. Type gpedit.msc, then follow the instructions above.
Hi Geoff,
We have the same setting but this is still not working. Please can you suggest if anything else can be checked.
Sorry Jasdev, I am not sure what else you could check. I stopped looking for solutions after this worked for me.
The only thing I can think of is to make sure that your domain group policy is not overwriting your local group policy with different settings.