Re: Apache/Active Directory authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



John,

Thank you for all your pointers!  You are right.. I was able to create a keytab file.  Still having some issues with getting apache to work the way I wan to, but will continue troubleshooting it.

Thank you!
Asya


On Mar 9, 2011, at 10:09 AM, John Hodrien wrote:

> On Wed, 9 Mar 2011, John Hodrien wrote:
> 
>> On Wed, 9 Mar 2011, Dvorkin, Asya wrote:
>> 
>>> Thank you, John.
>>> 
>>> I forgot to add that we cannot generate keytab from AD server for various
>>> reasons that I have no control over.
> 
> And are you really sure this is the case?  If you can join to a domain, you
> can get a keytab (you don't need AD admin rights to do this).
> 
> If you were just using Samba to do the join, something like:
> 
> use kerberos keytab = yes
> 
> in your smb.conf
> 
> and a:
> 
> net ads keytab create
> net ads keytab add http
> 
> on the joined machine would get you a keytab suitable for web auth.
> 
> klist -k would then show you what you'd got.
> 
> jh
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux