Displaying 9 results from an estimated 9 matches for "krbauthrealms".
2017 Apr 04
1
Apache2 Kerberos-Authentication and LDAP-Authorization
...s.
The steps to create the keytab file, etc are from the other two guides,
except that the user http-servername gets a known password instead of a
random.
<Directory "/login.html">
AuthType Kerberos
AuthName "Network Login"
KrbMethodNegotiate On
KrbMethodK5Passwd On
KrbAuthRealms X.Y
Krb5KeyTab /etc/apache2/apache.keytab
KrbLocalUserMapping On
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDn On
# Adding cn and displayName is optional, but provides the value
# as environment variables to the script
# e.g.: AUTHORIZE_DISPLAYNAME="John Doe"
AuthLDAP...
2016 Aug 03
4
FW: kerberos nfs4's principals and root access
You need for the apache keytab something like
Alias /webmail /usr/share/webmail
#
<Directory /usr/share/ webmail >
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate On
KrbMethodK5Passwd Off
KrbServiceName HTTP
KrbAuthRealms EXAMPLE.COM
Krb5KeyTab /etc/httpd/conf/keytab
require valid-user
</Directory>
chmod 400 /etc/httpd/conf/keytab
chown www-data:www-data /etc/httpd/conf/keytab
> In fact i'm stuck between my two problems (root acces to Kerberised NFS
> share / www-data access to userdir into...
2015 Aug 05
5
LDAP bindpw password
Hi.
I'm using Samba 4 on two Zentyal servers as Domain Controller and now
I have to authenticate some services to it (Apache and PAM in
particular).
The LDAP integration asks me for a LDAP bind password, but I cannot
find out where it is on Zentyal.
Is there a way to check (or change it) directly on Samba 4?
Or is it preferable to authenticate against Active Directory or Kerberos?
Thank you
2015 Aug 05
0
LDAP bindpw password
...ba,
and mainwhile doing a rollout.. :-/
Here are some working examples on debian jessie.. with samba 4.1.7 debian.
an apache2.4 kerberos auth example.
AuthType Kerberos
AuthName "Website Login"
KrbMethodNegotiate On
KrbMethodK5Passwd Off
KrbServiceName HTTP
KrbAuthRealms INTERNAL.DOMAIN.TLD
Krb5KeyTab /etc/apache2/hostname-apache.keytab
require valid-user
an squid kerberos example.
auth_param negotiate program /usr/lib/squid3/negotiate_kerberos_auth -s HTTP/hostname.internal.domain.tld at INTERNAL.DOMAIN.TLD
auth_param negotiate children 10 startup=0 idl...
2016 Aug 03
1
FW: kerberos nfs4's principals and root access
...t;>> <Directory /usr/share/ webmail >
> >>> AuthType Kerberos
> >>> AuthName "Kerberos Login"
> >>> KrbMethodNegotiate On
> >>> KrbMethodK5Passwd Off
> >>> KrbServiceName HTTP
> >>> KrbAuthRealms EXAMPLE.COM
> >>> Krb5KeyTab /etc/httpd/conf/keytab
> >>> require valid-user
> >>> </Directory>
> >>> chmod 400 /etc/httpd/conf/keytab
> >>> chown www-data:www-data /etc/httpd/conf/keytab
> >>>
> >> That&...
2016 Aug 03
0
FW: kerberos nfs4's principals and root access
...gt; > Alias /webmail /usr/share/webmail
> > #
> > <Directory /usr/share/ webmail >
> > AuthType Kerberos
> > AuthName "Kerberos Login"
> > KrbMethodNegotiate On
> > KrbMethodK5Passwd Off
> > KrbServiceName HTTP
> > KrbAuthRealms EXAMPLE.COM
> > Krb5KeyTab /etc/httpd/conf/keytab
> > require valid-user
> > </Directory>
> > chmod 400 /etc/httpd/conf/keytab
> > chown www-data:www-data /etc/httpd/conf/keytab
> >
> That's exactly what I thought. I'll try this soon.
>...
2018 Oct 04
2
CentOS 7.5, Apache 2.4, Kerberos
...lude conf/vhosts.d/template.inc
</VirtualHost>
==conf/vhosts.d/template.inc contains==
<Directory "${vhost_home}/sso">
AuthType Kerberos
AuthName "Kerberos Login"
KrbMethodNegotiate on
KrbMethodK5Passwd off
KrbAuthoritative off
KrbAuthRealms [list of realms removed for security]
Krb5Keytab "/etc/krb5.keytab"
KrbServiceName Any
require valid-user
ErrorDocument 401 "<html><meta http-equiv=\"refresh\"
content=\"0;url=/login/anonlogin.php\"></html>"
</Di...
2015 May 11
6
Authenticating Apache Against Active Directory
Hello,
Using Nagios on Ubuntu 14.04.1 LTS. I'm attempting to authenticate
users against Samba 4.2.1. When I edit 'apache2.conf' with
<Directory />
Options FollowSymLinks
AllowOverride None
Require all granted
Allow from all
AuthName "AD authentication"
AuthBasicProvider ldap
AuthType Basic
2016 Aug 02
3
FW: kerberos nfs4's principals and root access
It's ok
So, if I create a httpuser and an httpgroup in my AD and use these at
owner and group for my apache2 daemon, this one could access to userdirs
(while permissions granting it) ? But I need to cron 'kinit' to keep
valid ticket... ?
My local root user always can't access to the share, but my other
problem seems to be resolved.
Thanks
Le 02/08/2016 à 16:37, Rowland