Systems/Services/Kerberos: Difference between revisions

From Pumping Station One
Browse history interactively
← Older editNewer edit →
VisualWikitext
Line 36: Line 36:
         ad.pumpingstationone.org = AD.PUMPINGSTATIONONE.ORG
         ad.pumpingstationone.org = AD.PUMPINGSTATIONONE.ORG
         .ad.pumpingstationone.org = AD.PUMPINGSTATIONONE.ORG
         .ad.pumpingstationone.org = AD.PUMPINGSTATIONONE.ORG
</pre>
== Apache SSO ==
Setting up the keytab:
<pre>
msktutil -u -s HTTP --server bob
cp  /etc/krb5.keytab /usr/local/etc/apache24/krb5.keytab
ktutil -k /usr/local/etc/apache24/krb5.keytab remove -p rack\$
ktutil -k /usr/local/etc/apache24/krb5.keytab remove -p host/rack.ad.pumpingstationone.org
chown www /usr/local/etc/apache24/krb5.keytab
<pre>
Configure Auth:
<pre>
            Authtype Kerberos
            AuthName "AD.PUMPINGSTATIONONE.ORG"
            KrbAuthoritative on
            KrbServiceName  HTTP/rack.ad.pumpingstationone.org
            Krb5Keytab /usr/local/etc/apache24/krb5.keytab
            KrbAuthRealms AD.PUMPINGSTATIONONE.ORG
            KrbMethodk5Passwd on
            KrbMethodNegotiate on
            Require valid-user
</pre>
</pre>
Retrieved from "https://ps1.mywikis.net/wiki/Systems/Services/Kerberos"
Powered by MediaWiki
Powered by Semantic MediaWiki