Ross Walker wrote:
> On Feb 16, 2009, at 3:13 AM, "Sorin Srbu" <sorin.s...@orgfarm.uu.se>
> wrote:
>
>
>>> -----Original Message-----
>>> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
>>>
>> Behalf
>>
>>> Of Christopher Chan
>>> Sent: Monday, February 16, 2009 8:53 AM
>>> To: CentOS mailing list
>>> Subject: Re: [CentOS] Practical experience with NTLM/Windows
>>> Integrated
>>> Authentication [Apache]
>>>
>>>
>>>
>>>>> No, NTLM auth works in Firefox (at least on Firefox on Windows, I
>>>>> don't think it will work in other platforms though).
>>>>>
>>>> It doesn't. NTLM auth to eg Sharepoint sites works fine with
>>>> Firefox in
>>>> Windows. Setting the same things in Firefox under linux and having
>>>> it
>>>>
>> login
>>
>>>> to sharepoint doesn't.
>>>>
>>> I don't think any other OS other than Windows has NTLM bindings.
>>>
>> Probably not, but I was thinking there may be some obscure package
>> somewhere
>> on the 'net to do this.
>>
>
> Avoid NTLM all together and use Kerberos between apache/squid, Active
> Directory and the Windows and Linux clients.
>
> Firefox and IE both support Kerberos authentication. I believe apache/
> squid do too, but you need a manually create the service principal
> names in AD for those.
>
> Use pam_krb5 on the Linux clients to get a ticket on login.
>
Mind sharing the pam config for that? I have something setup but things
don't seem to work.
> Use samba client on Linux hosts to join to domain and manage the
> Kerberos keytab file for the machine passwords.
>
Hmm...maybe I should not have manually created the credentials.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos