Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

1 answer

Samba Shares Without Using Winbind

I am curious if it is possible to use samba shares without using winbind. In our current environment we are using SSSD, Kerberos, and Samba to complete the required tasks such as joining the windows domain and setting up active directory/LDAP. …

asked Nov 19 '14 at 03:13

user2104891

votes

1 answer

Can I use user-based kerberos authentication with NFSv4?

Is it possible to set NFSv4 + Kerberos to do user-based authentication? As far as I understand you are required to create a principal for a client machine(i.e. it is still Host-based?) on Kerberos server, which requires admin access to KDC. In my…

kerberos nfs nfs4

asked Nov 14 '14 at 17:52

DKMudrechenko

votes

2 answers

How do I re-enable Kerberos authentication after upgrading to Mac OS X 10.10 Yosemite?

In previous versions of Mac OS X, one could enable Kerberos authentication when a user logs in by following a support document. Specifically, this document explains that the file /etc/pam.d/authorization needs to be edited to enable this. After…

mac-osx kerberos osx-yosemite

asked Oct 20 '14 at 01:04

Elias Mårtenson

votes

1 answer

Kerberos token size error

I am having issues with a .net 2.0 web app hosted on a windows 2003 server authenticating with a java app (on linux I think). The java server is expecting Kerberos authentication and currently fails as the request is coming in with NTLM. I had a…

windows-server-2003 kerberos

asked Sep 08 '14 at 20:41

JustinM

votes

0 answers

Avoid client keytab with Kerberized NFSv4

I would like to setup a Kerberized NFSv4 server such that clients do not need a keytab to mount a volume (but such that users get their privileges according to their Kerberos ticket as usual). Is it possible? More precisely: it is my understanding…

nfs kerberos nfs4

asked Aug 29 '14 at 14:11

Giovanni Mascellani

votes

1 answer

Apache - Replace Apache::AuthenNTLM with Kerberos (mod_auth_kerb)

Within an intranet system on Solaris we currently use perls Apache2::AuthenNTLM module to authenticate with a Win 2k3 doman server, so we can access the user ID of the person browsing the site. Moving to Win 2012 AD servers, we're told this won't…

apache-2.2 kerberos perl ntlm mod-auth-kerb

asked Aug 29 '14 at 10:44

Dr.Avalanche

votes

2 answers

Is the Kerberos SPN FQDN significant to the server, or is the keytab enough?

I spend most of my time as a developer, so I'm not familiar with all the details... I have a service running on a linux host. I want to use Kerberos to transmit identity information to the service. Some of my clients are on windows clients attached…

active-directory java kerberos

asked Jul 09 '14 at 21:37

Mike DeAngelo

votes

1 answer

MSSQLSvc Service Principal Names, Kerberos, and NTLM

Was recently helping a DBA with an issue that appeared to be related to an invalid SPN. Discovered that a good number of SQL service accounts simply don't have an SPN set, resulting in NTLM authentication. I've added SPN configuration to our build…

active-directory sql-server kerberos

asked Jun 25 '14 at 12:46

Cookie Monster

votes

0 answers

Keberos clock skrew, although the clocks are synchronized

We have an issue during a backup (run every night). This backup is managed by Veeam Backup&Replication : copy 7 virtual machines from one VMware ESXi host. This host is linked to a vCenter server. This vCenter server is joined to a active directory…

backup kerberos vmware-vcenter

asked Apr 17 '14 at 09:48

Baud

votes

2 answers

Integrated Windows Authentication not working on PC bound to AD network

Background: Web server running LAMP stack Web server has VPN tunnel to AD network at HQ Multiple AD networks around the globe with VPN tunnels and trust relationships to HQ network Kerberos authentication configured on webserver and working for…

apache-2.2 active-directory kerberos internet-explorer

asked Apr 04 '14 at 17:36

Jameel

votes

2 answers

winbindd: kinit succeeded but ads_sasl_spnego_krb5_bind failed: Cannot contact any KDC for requested realm

While looking for reasons why logging in to a samba machines joined to Active Directory is slow I have the strong impression that the following error in my log file could be a hint. Apr 3 14:44:14 eu2 winbindd[19632]: [2014/04/03 14:44:14.166820, …

samba kerberos winbind

asked Apr 03 '14 at 13:01

WoJ

3,365
8
46
75

votes

1 answer

Does Kerberos provide Encryption of Application Session data?

I understand kerberos provides authentication using encryption. I see it exchanges session keys. Are those session keys used for applications send their data over that network encryption after authentication is performed? For an example to…

kerberos

asked Mar 28 '14 at 03:35

jouell

votes

1 answer

Setting up sharepoint with kerberos authentication

I'm trying out sharepoint and I'm installed MOSS2007 trial version. I selected kerberos authentication method during install. It installed everything and when I try to go Central Administration site from IE I get 401.1 error. In the security event…

security sharepoint authentication kerberos

asked Aug 24 '09 at 20:12

Satish

votes

2 answers

Apache 2.2.14 / mod_auth_kerb 5.4 : Custom krb5.conf for Apache Instance

Objective: Use Apache/mod_auth_kerb using a custom krb5.conf file, not system standard /etc/krb5.conf. Issue: I've got a strongly regimented environment where we application owners are able to configure apache instances within their assigned…

apache-2.2 kerberos environment-variables

asked Mar 19 '14 at 16:19

Cita Secari

votes

0 answers

Encounter an error when configuer secure hadoop : org.apache.hadoop.security.AccessControlException

I try to configure secure hadoop with kerberos. I have started KDC server , generated and copy related keytab to corresponding node. kerberos can work normally (use kinit) but when i try to start namenode , I encouter a weird error . I have…

kerberos hadoop

asked Mar 16 '14 at 05:12

xiaoxiao

Prev 1 2 3

…

75 76 Next