Unable to use Windows/IWA to login to FME Server Web Interface. Have followed all the steps, ensured the SPN is correct, ensured the service account is set correctly, done all the browser checks, and confirmed the Tomcat properties are right.
Going to the URL <server name>/fmetoken/sso/generate throws a 403-Forbidden with a description "The Server Understood the request but refuses to authorize it".
Going to the URL <server name>/fmetoken allows me to generate a token by using userid only. Adding the domain to the front of the username causes the token generation to fail.
So it appears that it's something tied to the domain and how the users credentials are being passed but that leaves me unsure of how/where I missed a configuration that strips the domain during passing of the credentials in order to get a good token returned.
Here is the message that appears when attempting to login:
Here is the message from the sso generation