Hi All,
Just in case it's helpful to anybody. This is how I implemented SSO witn
NTLM authentication on SLES.
I know there is a howto about it on wiki but it was missing few bits in my
case.
1) Installed Apache2::AuthenNTLM module by running:
# perl -e shell -MCPAN
cpan[1]> install Apache2::AuthenNTLM
2) Edited /etc/apache2/httpd.conf and added
KeepAlive On
3) Edited /otrs Location in /etc/apache2/conf.d/otrs.conf and added
PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName Basic
require valid-user
PerlAddVar ntdomain "DOMAIN dc1 dc2"
PerlSetVar defaultdomain DOMAIN
PerlSetVar ntlmdebug 0
where:
DOMAIN - name of our NT domain (just the first bit of the name, before the
first dot)
dc1, dc2 - names of our domain controllers (just the hostname, without
domain bit). Make sure you can ping those names
4) Edited Config.pm file and added
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'domain\\';
where
domain - name of our domain again
5) Added to /etc/hosts
IP_ADDR DOMAIN DOMAIN.CO.UK
where
IP_ADDR is the IP address of my primary domain controller
6) And the final bit (that took me few hours to work out btw) is to
addmod_perlto APACHE_MODULES in /etc/sysconfig/apache2
7) Restart apache and otrs
Once this is all done, I'm logged in automatically when going to OTRS login
page.
The only thing is that it only works when:
- I'm using Internet Explorer and the site is in 'Local Intranet' zone
- I'm on the local company network, ie. it doesn't work over vpn so it's not
perfect.
--
Kind Regards,
Robert
---------------------------------------------------------------------
OTRS mailing list: otrs - Webpage: http://otrs.org/
Archive: http://lists.otrs.org/pipermail/otrs
To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs
