Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

0 answers

Enabling constrained delegation on DC computer account

Is it necessary to have constrained delegation enabled on Microsoft AD domain controller computer account? If yes then why and what are consequences of disabling it? I'm mainly interested in current versions of Windows Server 2008/2012, though don't…

active-directory kerberos delegation

asked Sep 18 '14 at 11:13

Mikhail

1,287
3
18
35

votes

0 answers

Samba4 Workgroup showing in My computer Properties

I suppose my question is stupid but want to clear it. Installed Samba4, joined machine but in My Computer properties the WORKGROUP is shown in lowercase letters. Whats is the reason to don't show in UpperCase letters. For example it shows like…

linux domain samba4 kerberos

asked Sep 18 '14 at 08:53

Stavry

votes

1 answer

389 Directory Server - Multiple Domains

I have multiple business that i would like to authenticate to a single server for SSO. I am using 389 directory server and have already split each domain into it's own respective OU. I would like to use Kerberos for authentication, but can't seem to…

centos ldap kerberos directory domains

asked Sep 15 '14 at 21:42

TriadicTech

votes

1 answer

MacOS X 10.9 Mavericks Kerberos login w/ FreeIPA

Has anyone successfully set up authentication and authorization between MacOS X and FreeIPA? An old revision of the FreeIPA documentation explains how to get it working in 10.4 and nothing in their current documentation indicates it can't be made…

mac-osx ldap kerberos freeipa

asked Aug 29 '14 at 22:49

moof2k

votes

1 answer

Kerberos in production on virtual machines

At the moment I am investigating the possibility to use Kerberos as the primary authentication protocol for our cloud structure. We'll probably follow through with this idea and for the sake of HA the best option would be multiple virtual machines.…

virtualization authentication kerberos

asked Aug 28 '14 at 17:24

Yorick de Wid

votes

1 answer

FreeIPA krb5.conf has example.com entries

I have installed and reinstalled FreeIPA ipa-server-3.0.0-37.el6.x86_64 on a fully updated OEL 6.5 server a couple (3) times now and even if I destroy the existing /etc/krb5.conf file and reinstall ipa-server, the krb5.conf files ends up with this…

ldap kerberos freeipa

asked Aug 26 '14 at 15:29

mr.zog

votes

2 answers

Can't add my Red Hat 7 machine to our company's Active Directory

I'm trying to join my RHEL 7 VM machine to our company's AD. I can validate my login credentials just fine with kinit (No return if I enter the correct password, error if I enter the wrong one), however, when I try to join using realmd it says I…

active-directory redhat kerberos

asked Aug 26 '14 at 12:17

BIfrost

votes

0 answers

Browser (SPNEGO) kerberos authentication on Windows Phone 8 IE

Is there a way to make Internet Explorer on Windows Phone 8 authenticate to a site using Windows Integrated Security Authentication with Kerberos through the Negotiate (SPNEGO) protocol? It seems to support Negotiate fine, but it only ever chooses…

kerberos internet-explorer single-sign-on mobile-devices windows-phone-7

asked Aug 06 '14 at 16:16

Aardvark

votes

1 answer

squid authentication error kerberos - windows active directory

I use squid on RHEL6 and I want that authentication is via AD windows 2008, I already joined the server to the windows domain and all users is already seen by wbinfo -u wbinfo -g but wbmin -t show error below : $ wbinfo -t checking the trust secret…

linux active-directory squid kerberos rhel6

asked Aug 01 '14 at 08:32

user3863795

votes

1 answer

Password reset is not working

I am using krb5 authentication to authenticate users in my machine. I am trying to change my password using passwd command but it failed. ~:$ passwd ~:$ Changing Password for bharathi ~:$ Kerberos 5 Password: ~:$ New Password: ~:$ Retype new…

unix password kerberos

asked Jul 07 '14 at 14:02

kannanrbk

votes

1 answer

Issues with Kerberos trying to log on Samba 4 Active Directory Domain Controller from Windows

I'm trying to setup an Ubuntu Server with Samba 4 as Active Directory Domain Controller and I'm getting an error when I try to connect from a Windows machine. Here's Samba's log of the error (I've replaced the name of my domain for…

ubuntu kerberos samba4

asked Jul 04 '14 at 19:37

El Barto

votes

0 answers

User under windows server AD access Linux server using kerberos

I installed AD on windows 2008 r2 sp1 server . And had configured all things follow the…

windows-7 linux windows-server-2008-r2 authentication kerberos

asked Jul 02 '14 at 07:22

Wayne.Jiang

votes

1 answer

Clustered instance - kerberos double hop woes

We've recently migrated our virtualised SQL databases to a bare metal solution in an active/active cluster. Everything is working great except SQL Reports. Ok, so a rundown of our setup here as it relates to SQL and Reports: XXYYSQ01 is our old…

kerberos sql-server-2008-r2 ssrs

asked Jun 02 '14 at 07:16

Aaron Mason

votes

1 answer

LAMP server kerberos config to authenticate against a read only Windows KDC in a dmz

Background: We have a number of AD networks (domains) that are connected through VPNs and have established AD trust relationships. We have an externally hosted web server and have configured seamless authentication for any user within the trusted…

apache-2.2 active-directory kerberos dmz domain

asked May 13 '14 at 17:04

Jameel

votes

1 answer

cannot login to domain - kerberos issue?

We cannot login as domain admin on one server but can on others. When I looked at Active Directory, I can see that the computer object doesn't exist for the server we can't login to. There is, however a DNS record with the proper computer name. I…

active-directory windows-server-2012 kerberos

asked Apr 25 '14 at 17:49

mirkaim

Prev 1 2 3

…

75 76 Next