[CentOS] Apache/Active Directory authentication
Dvorkin, Asya
dvorkias at umdnj.edu
Thu Mar 10 16:10:46 UTC 2011
John,
Thank you for all your pointers! You are right.. I was able to create a keytab file. Still having some issues with getting apache to work the way I wan to, but will continue troubleshooting it.
Thank you!
Asya
On Mar 9, 2011, at 10:09 AM, John Hodrien wrote:
> On Wed, 9 Mar 2011, John Hodrien wrote:
>
>> On Wed, 9 Mar 2011, Dvorkin, Asya wrote:
>>
>>> Thank you, John.
>>>
>>> I forgot to add that we cannot generate keytab from AD server for various
>>> reasons that I have no control over.
>
> And are you really sure this is the case? If you can join to a domain, you
> can get a keytab (you don't need AD admin rights to do this).
>
> If you were just using Samba to do the join, something like:
>
> use kerberos keytab = yes
>
> in your smb.conf
>
> and a:
>
> net ads keytab create
> net ads keytab add http
>
> on the joined machine would get you a keytab suitable for web auth.
>
> klist -k would then show you what you'd got.
>
> jh
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list