Ping a Specific Port

Question

Christoffer Reijer

Asked: 2015-11-21 04:14:53 +0800 CST2015-11-21 04:14:53 +0800 CST 2015-11-21 04:14:53 +0800 CST

Apache Kerberos auth prompts user for password

772

I am trying to setup single-sign on against our Active Directory server for my Apache using the mod_auth_kerb module.

I have the following configuration in Apache:

AuthType      Kerberos
AuthName      "Test"
KrbAuthRealms COMPANY.LOCAL
Krb5Keytab    /etc/apache2/http.keytab

The keytab was created with the following command:

ktpass -out http.keytab \
       -princ HTTP/[email protected] \
       -pass <REDACTED> \
       -mapuser COMPANY\myserver-HTTP \
       -crypto AES256-SHA1 \
       -ptype KRB5_NT_PRINCIPAL

I have verified that the principal in the keytab is also added to the account name.

I have another server with similar configuration where it works; the users are authenticated without a password prompt.

Any ideas on how to further troubleshoot this problem?

1 Answers

Voted

NKP · Answer 1 · 2019-08-22T19:47:55+08:00

NKP

2019-08-22T19:47:55+08:002019-08-22T19:47:55+08:00

You need to set KrbMethodK5Passwd off in your apache conf file

0

Apache Kerberos auth prompts user for password

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?