[CentOS] Apache + auth_mod_kerb + Active Directory = SSO
Kai Schaetzl
maillists at conactive.com
Thu Dec 17 11:36:40 UTC 2009
James Bensley wrote on Thu, 17 Dec 2009 09:46:00 +0000:
> Internet Explorer however only works with http://hostname/secure and
> not f.q.d.n/secure? (Integrate with Windows Authentication IS
> enabled).
That is because your FQDN is detected as Internet zone and that will not
use Windows Authentication (for obvious reasons). That authentication is
done only in the Local Intranet zone. You can see that if you look in the
security settings of IE. (Do not change them!)
IE should automatically detect that this FQDN is part of your Intranet
with the "automatically detect" setting if your AD is setup correctly. If
you can't make this work, you can disable the automatic detection and then
add FQDNs manually to the Local Intranet zone. Of course, this makes sense
only if you have a few machines.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the CentOS
mailing list