Turner,Jonas
2016-06-30 17:30:31 UTC
I have been trying to get SSO to work correctly with the following packages, and I appear I am missing something and I was wondering if anyone can help me or point me in the right direction?
I am currently using the "auth_ntlm_winbind_module" for apache to try and authenticate and was hoping to get SSO to work.
I have gone through all the steps on SEVERAL sites trying to figure out how to auth to the website if the user is in the domain.
Steps Taken:
· Added the server running Apache (2.2.15) to the domain
· Can see the server name in AD
· Can use "wbinfo -t" and get the following "checking the trust secret for domain DOMAINSERVER via RPC calls succeeded"
· Can use "wbinfo -n username" and it returns me the SID_USER
When I go to the website using the config below, I go to the website but I am being prompted for credentials. I enter my AD credentials (tried several accounts), it allows me to authenticate and I am shown the page. It appears it's checking to see if the user is authenticated to access the page, but curious on why I can't get SSO to work automatically.
Any help or suggestions would be great!
Thanks!
LoadModule auth_ntlm_winbind_module /usr/lib64/httpd/modules/mod_auth_ntlm_winbind.so
<Directory "/var/www/html/test">
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "NTLM Authentication"
AuthType NTLM
Require valid-user
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
NegotiateAuth on
</Directory>
Jonas Turner │ Security Analyst II
Ph: 419.254.4890│Fax: 419.252.5557
E-mail: ***@hcr-manorcare.com<mailto:***@hcr-manorcare.com>
I am currently using the "auth_ntlm_winbind_module" for apache to try and authenticate and was hoping to get SSO to work.
I have gone through all the steps on SEVERAL sites trying to figure out how to auth to the website if the user is in the domain.
Steps Taken:
· Added the server running Apache (2.2.15) to the domain
· Can see the server name in AD
· Can use "wbinfo -t" and get the following "checking the trust secret for domain DOMAINSERVER via RPC calls succeeded"
· Can use "wbinfo -n username" and it returns me the SID_USER
When I go to the website using the config below, I go to the website but I am being prompted for credentials. I enter my AD credentials (tried several accounts), it allows me to authenticate and I am shown the page. It appears it's checking to see if the user is authenticated to access the page, but curious on why I can't get SSO to work automatically.
Any help or suggestions would be great!
Thanks!
LoadModule auth_ntlm_winbind_module /usr/lib64/httpd/modules/mod_auth_ntlm_winbind.so
<Directory "/var/www/html/test">
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "NTLM Authentication"
AuthType NTLM
Require valid-user
NTLMAuth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
NegotiateAuth on
</Directory>
Jonas Turner │ Security Analyst II
Ph: 419.254.4890│Fax: 419.252.5557
E-mail: ***@hcr-manorcare.com<mailto:***@hcr-manorcare.com>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba