[CentOS] Apache + auth_mod_kerb + Active Directory = SSO

Kai Schaetzl maillists at conactive.com
Thu Dec 17 11:36:40 UTC 2009


James Bensley wrote on Thu, 17 Dec 2009 09:46:00 +0000:

> Internet Explorer however only works with http://hostname/secure and
> not f.q.d.n/secure? (Integrate with Windows Authentication IS
> enabled).

That is because your FQDN is detected as Internet zone and that will not 
use Windows Authentication (for obvious reasons). That authentication is 
done only in the Local Intranet zone. You can see that if you look in the 
security settings of IE. (Do not change them!) 
IE should automatically detect that this FQDN is part of your Intranet 
with the "automatically detect" setting if your AD is setup correctly. If 
you can't make this work, you can disable the automatic detection and then 
add FQDNs manually to the Local Intranet zone. Of course, this makes sense 
only if you have a few machines.


Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com





More information about the CentOS mailing list