[users@httpd] Kerberos and local group authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I'v been able to set up Kerberos authentication to W2K AD but want to use local groups, or a list of users, as well.  That is, I want users to enter their Windows user name and password and then get access only if they are listed in a local file on the apache server.  Has anyone been able to do this?

Setup:

Solaris 8
Apache 2.0.59
krb-1.5.1
mod_auth_kerb 5.0

The httpd.conf entries below aren't my exact entries, but you get the idea.  I want any user listed in groupfile to be able to access the site.  I've tried to use both user and group files.  Users work if specified with realm name in the httpd.conf, i.e., require user user1@xxxxxxxxxxx.  The error I get in the Apache logs (set to debug) is:

configuration error:  couldn't check access.  No groups file?: /directory/test.html

httpd.conf entries:

    AuthType Kerberos
    AuthName "Kerberos Login"
    KrbMethodNegotiate off
    KrbMethodK5Passwd on
    KrbServiceName HTTP
    Krb5KeyTab /etc/krb5/krb5.keytab
    KrbAuthRealms COMPANY.COM
    KrbAuthoritative on
    KrbVerifyKDC off
    KrbSaveCredentials off
    #AuthUserFile groupfile
    AuthGroupFile groupfile
    Require group mygroup

Any help is appreciated.
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux