Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

1 answer

Single Sign On with multiple Identity Providers from PHP web app

I'm building a SAAS web app in PHP that needs to integrate SSO. We'll have multiple client organizations, each that have their own Identity Provider (Active Directory). While researching possibilities, I came across SimpleSAMLphp, but I'm not sure…

asked Dec 03 '15 at 21:45

webaholik

votes

1 answer

Cache FreeIPA passwords to /etc/passwd

I have setup freeIPA/Kerberos authentication for my domain and it works well. I have a service that does not support server-based auth, only local auth via /etc/passwd. Is there a method to cache passwords from freeIPA to local disk, which I can…

authentication kerberos passwd freeipa

asked Nov 30 '15 at 00:17

Vince

votes

1 answer

Switch to Kerberos Authentication with Apache2 on Ubuntu (LDAP or AD)

I'm considering to switch my intranet apps to Kerberos authentication.(currently NTLM but modules required are not maintained anymore and will in not work anymore once the web server is updated to newest release (Ubuntu)). I'm completely new to this…

ubuntu apache-2.4 kerberos

asked Nov 24 '15 at 07:17

beginner_

votes

4 answers

Squid kerberos authentication no popup

I configured squid to use kerberos authentication but when I'm trying to use proxy with browser i don't get popup in browser with ask for user and password - just access denied cos of no authentication. Is it possible to configure…

authentication squid kerberos

asked Nov 20 '15 at 20:21

user3069488

votes

1 answer

Windows AD single DC (degraded) - cannot modify Administrator limit exceeded

I had 2 DC's in my domain. one of them died, and the last one has all roles, dcdiag netdiag show all checked as "good" - but i actually can't modify my "Administrator" account. according to alot, googling, i have to reset my local machine…

active-directory windows-server-2003 kerberos

asked Nov 17 '15 at 06:57

Helmut Januschka

votes

1 answer

Login in Active Directory Domain (Samba 4) and mount -t cifs on debian

I've configured Samba 4 with bind and kerberos to work as an Active Directory authentication server. I've also configured "home share" so I can login to any Windows machine in my Domain and work with my files. In addition I want to access my files…

active-directory samba kerberos samba4 sssd

asked Nov 10 '15 at 09:42

ghi

votes

1 answer

Server 2008 R2 Replication Issue

I am trying to figure out why my Server 2 which is a domain controller is getting an error saying "Access Denied" when I am trying to access group policy management. I have checked and it is giving some kind of Kerberos error. I am unsure how to fix…

windows-server-2008-r2 replication kerberos

asked Nov 04 '15 at 22:17

JukEboX

votes

1 answer

Cannot authenticate with Kerberos if both client and server on the same machine

I have a Tomcat webapp that supports Kerberos authentication. It works fine and I can log in to that app if I use a built-in account like LOCAL SYSTEM or NETWORK SERVICE, but I'm having problems with setting up a non-default domain account for…

windows-server-2008-r2 kerberos tomcat6 windows-authentication

asked Oct 23 '15 at 17:26

username

votes

1 answer

krb5 / ldap: realm name match with directory namingContext

In order to store krb5 principal entries on LDAP, is the LDAP naming context (root basename) required to match the realm name? principals of the realm HQ.EXAMPLE.ORG can be stored in the dc=example,dc=org naming context of the directory tree?

ldap kerberos

asked Oct 08 '15 at 06:35

Francesco Malvezzi

votes

1 answer

Authenticate Samba share via Kerberos using Open Directory

I have an Open Directory master on a machine called "minime" (El Capitan, Server 5). I further have a Samba server "tricky", running Ubuntu and a Mac OS X client "wallace". I want users on wallace to access files on tricky while being authenticated…

samba kerberos opendirectory

asked Oct 04 '15 at 17:33

tigloo

votes

1 answer

Slaptest, bad configuration file

I have been struggling to start LDAP server and I am failing miserably at it, from journalctl -xn I it clearly say bad configuration files!, but there are three configuration files, but what is missing/wrong. I do not have a clue.(Noob QA guy, with…

centos ldap openldap kerberos

asked Sep 15 '15 at 00:37

vector8188

votes

2 answers

LDAP+KERBEROS server configuration

I am following this guide to setup up kerberos server. the system configuration for kerberos server is below, can someone help me to resolve the issue, any help will be appreciated. Here is the problem I'm seeing: root@openldap ~# kadmin -p…

openldap kerberos

asked Sep 09 '15 at 18:38

vector8188

votes

1 answer

FreeIPA ssh auth not working remotle with .k5login file

I cant login to my root and any other account which im not owner with kerberos and ~/.k5login (ksu is working). Here is presentation of problem: root@gwhost:~# ssh user@freeipa01 user@freeipa01's password: Last login: Tue Sep 8 15:46:20 2015 from…

ssh authentication kerberos freeipa

asked Sep 08 '15 at 17:50

user3069488

votes

1 answer

Scalability of multiple keytabs, Linux NFS client/server and Windows AD KDC

I have kerberized NFSv3 working with a generic Linux NFS server and multiple Linux clients with a Windows AD 2012 domain for the Kerberos Realm. Windows KDC requires that when you create a keytab for authentication to the NFS server you must map an…

active-directory nfs kerberos

asked Aug 17 '15 at 08:27

Compendius

votes

1 answer

krb5.conf is not readable by httpd process

I have an issue regarding kerberos / httpd / RHEL System 1 This is the problematic system. OS: RHEL 6.6 Kernel: 2.6.32-431.29.2.el6.x86_64 CPU: Intel Xeon X5570 There is a kerberized website running on the server. System 2 This system is working…

linux httpd kerberos rhel6

asked Aug 12 '15 at 13:24

Dave

Prev 1 2 3

…

75 76 Next