...
You could alternatively use the Kantega SSO Backup & restore (Snapshots of config (Backup & restore) feature to move your configuration from the old installation to the new. This would also correctly move configuration for Kerberos/SAML/OIDC setups. But configuration for Cloud User Sync will be somewhat more work since these rely on a User directory setup that is not restored. And especially for a SCIM setup, you would have to run the SCIM setup wizard again.
...
Other than that, check the output of the Kerberos test page in Kantega SSO carefully. Is it highlighting any other problems? In particular: Any warnings about ticket KVNO and keytab KVNO mismatch?
If you encounter this exception:
SPNego Exception: GSSException: Failure unspecified at GSS-API level (Mechanism level: Permission denied)
It might be related to a setting -Dsun.security.jgss.native=true, please check if user running the Atlassian hos product have access to the relevant GSS library or remove the setting if it’s not necessary.
Relevant libraries might include:
Linux:
libgssapi_krb5.so,libgssapi.somacOS:
libgssapi_krb5.dylibWindows:
secur32.dll
For more information you can check this documentation:
https://docs.oracle.com/en/java/javase/11/security/accessing-native-gss-api.html
User gets a username / password popup and/or the browser sends an NTLM token instead of a Kerberos token
...