Comments on: Single Sign-On with Apache and Active Directory – Part 1 http://sivel.net/2007/05/sso-apache-ad-1/ Throwing Hot Coals Fri, 30 Dec 2011 00:37:12 +0000 hourly 1 http://wordpress.org/?v=3.4-alpha-19719 By: Stephen http://sivel.net/2007/05/sso-apache-ad-1/#comment-15612 Stephen Wed, 22 Jun 2011 09:11:22 +0000 http://sivel.net/archives/12#comment-15612 This was a big help... cheers :D This was a big help… cheers :D

]]> By: Yasmine Dennis http://sivel.net/2007/05/sso-apache-ad-1/#comment-7767 Yasmine Dennis Wed, 13 Jan 2010 11:36:18 +0000 http://sivel.net/archives/12#comment-7767 Interesting article..What more can you say about microsoft? Interesting article..What more can you say about microsoft?

]]> By: Search file http://sivel.net/2007/05/sso-apache-ad-1/#comment-7207 Search file Fri, 18 Dec 2009 20:04:00 +0000 http://sivel.net/archives/12#comment-7207 thanks for the post :) thanks for the post :)

]]> By: Chandramani Yadav http://sivel.net/2007/05/sso-apache-ad-1/#comment-3770 Chandramani Yadav Thu, 02 Jul 2009 20:11:06 +0000 http://sivel.net/archives/12#comment-3770 Hi nihylo, you have mentioned that you are not using winbind, then what are you using? Hi nihylo,

you have mentioned that you are not using winbind, then what are you using?

]]> By: nihylo http://sivel.net/2007/05/sso-apache-ad-1/#comment-1400 nihylo Tue, 16 Dec 2008 13:08:26 +0000 http://sivel.net/archives/12#comment-1400 Same issue as zerocool and Stan. I don't use Winbind/Samba at all because my purpose is to avoid this kind of solution. Same issue as zerocool and Stan. I don’t use Winbind/Samba at all because my purpose is to avoid this kind of solution.

]]> By: Seth Bodine http://sivel.net/2007/05/sso-apache-ad-1/#comment-1375 Seth Bodine Sat, 29 Nov 2008 08:14:30 +0000 http://sivel.net/archives/12#comment-1375 If your getting Bad/Missing NTLM/Basic Authorization Header and are using NTLM for Squid or Apache Authentication via Winbind/Samba then: if wbinfo -t returns a failure <code> wbinfo -t # checking the trust secret via RPC calls failed # Could not check secret </code> Restart Samba & Winbind & Reload <code> /etc/init.d/samba restart /etc/init.d/winbind restart /etc/init.d/apache2 reload </code> Note: this is a messy workaround but it does appear to resolve the issue (might not need to restart winbind but it can't hurt? If your getting Bad/Missing NTLM/Basic Authorization Header and are using NTLM for Squid or Apache Authentication via Winbind/Samba then:

if wbinfo -t returns a failure
wbinfo -t
# checking the trust secret via RPC calls failed
# Could not check secret

Restart Samba & Winbind & Reload
/etc/init.d/samba restart
/etc/init.d/winbind restart
/etc/init.d/apache2 reload

Note: this is a messy workaround but it does appear to resolve the issue (might not need to restart winbind but it can’t hurt?

]]> By: Stan http://sivel.net/2007/05/sso-apache-ad-1/#comment-18 Stan Fri, 18 Apr 2008 15:55:50 +0000 http://sivel.net/archives/12#comment-18 I have the same issue as zerocool and IE keeps popping up login dialog logs show Bad/Missing NTLM/Basic Authorization Header for /test/viewlist.php I have the same issue as zerocool and IE keeps popping up login dialog

logs show Bad/Missing NTLM/Basic Authorization Header for /test/viewlist.php

]]> By: zerocool http://sivel.net/2007/05/sso-apache-ad-1/#comment-17 zerocool Mon, 17 Mar 2008 08:49:53 +0000 http://sivel.net/archives/12#comment-17 I have a problem setting this up, i get ==> You have logged in as ; this is my ntlm.conf file ----------------------------- PerlAuthenHandler Apache2::AuthenNTLM AuthType ntlm,basic AuthName Basic require valid-user # domain pdc bdc PerlAddVar ntdomain “EXAMPLE server.EXAMPLE.COM″ PerlSetVar defaultdomain server PerlSetVar splitdomainprefix 1 (offtopic:I already tried working with mod_auth_kerb and mod_auth_ldap but i allways get the login prompt that keeps popping up, and if check the apache logs, it says cant find KDC?) I have a problem setting this up, i get ==> You have logged in as ;

this is my ntlm.conf file
—————————–

PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName Basic
require valid-user
# domain pdc bdc
PerlAddVar ntdomain “EXAMPLE server.EXAMPLE.COM″
PerlSetVar defaultdomain server
PerlSetVar splitdomainprefix 1

(offtopic:I already tried working with mod_auth_kerb and mod_auth_ldap but i allways get the login prompt that keeps popping up, and if check the apache logs, it says cant find KDC?)

]]> By: Adam Nielson http://sivel.net/2007/05/sso-apache-ad-1/#comment-16 Adam Nielson Wed, 13 Feb 2008 18:09:57 +0000 http://sivel.net/archives/12#comment-16 Cool! Thank you very much! Its working now and the index.php file is reporting back properly! Now... any ideas how to get OTRS to work with it? :) Cool! Thank you very much! Its working now and the index.php file is reporting back properly!

Now… any ideas how to get OTRS to work with it? :)

]]> By: Matt http://sivel.net/2007/05/sso-apache-ad-1/#comment-15 Matt Wed, 13 Feb 2008 14:30:13 +0000 http://sivel.net/archives/12#comment-15 @Adam: The file should be index.php. The instructions above need to be fixed. And just to make sure that it is written correctly above the code should be: <code> <?php echo "You have logged in as <b>" . $_SERVER['REMOTE_USER'] . "</b>"; ?> </code> I'll fix the instructions above very soon. As for the error you will sometime get that even though this is working. @Adam: The file should be index.php. The instructions above need to be fixed. And just to make sure that it is written correctly above the code should be:

<?php
echo "You have logged in as <b>" . $_SERVER['REMOTE_USER'] . "</b>";
?>

I’ll fix the instructions above very soon.

As for the error you will sometime get that even though this is working.

]]>