Hello,
I'm after some advice on how to configure Kerberos v5 to authenticate users
from different Windows domains to the same Apache hosted application. Is this
possible? If so, is there a simple guide on what needs to be done in order to
achieve it that can be shared with me?
I have Kerberos v5 installed with a Kerberos-capable version of Apache on AIX
5.3.
I have had a keytab file generated in the Windows "EU" domain, and have
configured the server so the application authenticates users from the "EU"
domain.
/etc/krb5.conf is similar to:
[libdefaults]
default_realm = EU.COMPANY.NET
[realms]
EU.COMPANY.NET = {
kdc = eudc01.eu.company.net
admin_server = eudc01.eu.company.net
default_domain = eu.company.net
}
[domain_realm]
.svr_domain.company.net = EU.COMPANY.NET
svr_domain.company.net = EU.COMPANY.NET
What do I need to do in order to also authenticate users from the companies
"US" domain, which is controlled by separate domain controller(s), to the
application?
Any help anyone can give me would be very greatfully received.
Regards,
Kevan Earl
--------------------------------------------------------------------------
AstraZeneca UK Limited is a company incorporated in England and Wales with
registered number: 03674842 and a registered office at 15 Stanhope Gate, London
W1K 1LN.
Confidentiality Notice: This message is private and may contain confidential,
proprietary and legally privileged information. If you have received this
message in error, please notify us and remove it from your system and note that
you must not copy, distribute or take any action in reliance on it. Any
unauthorised use or disclosure of the contents of this message is not permitted
and may be unlawful.
Disclaimer: Email messages may be subject to delays, interception, non-delivery
and unauthorised alterations. Therefore, information expressed in this message
is not given or endorsed by AstraZeneca UK Limited unless otherwise notified by
an authorised representative independent of this message. No contractual
relationship is created by this message by any person unless specifically
indicated by agreement in writing other than email.
Monitoring: AstraZeneca UK Limited may monitor email traffic data and content
for the purposes of the prevention and detection of crime, ensuring the
security of our computer systems and checking Compliance with our Code of
Conduct and Policies.
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
