On Feb 17, 2009, at 7:50 PM, Christopher Chan wrote:
>
>> If you have a lot of hosts that need access to winbind mapped
>> UIDs/GIDs instead of setting up winbind everywhere and having a
>> administrative headache if the RID mapping gets messed up on one
>> host,
>> setup a winbind to NIS serv
> If you have a lot of hosts that need access to winbind mapped
> UIDs/GIDs instead of setting up winbind everywhere and having a
> administrative headache if the RID mapping gets messed up on one host,
> setup a winbind to NIS server that puts the mappings into NIS maps and
> propagate the inform
On Tue, Feb 17, 2009 at 2:59 PM, Kanwar Ranbir Sandhu
wrote:
> On Tue, 2009-02-17 at 10:27 -0700, Joseph L. Casale wrote:
>> I haven't tried this one, but make note it lacks NTLMv2 and group support
>> which made it non usable in my environment. Like Filipe suggested
>> mod_auth_ntlm_winbind addre
On Tue, Feb 17, 2009 at 12:24 PM, Joseph L. Casale
wrote:
>>Ok, here are the default settings that my kickstart file creates to
>>allow me to join the domain and have samba manage the keytab.
>
> Ross,
> I was out of town and missed this thread which is of great interest to me
> as well. When you
On Tue, Feb 17, 2009 at 2:18 PM, Kanwar Ranbir Sandhu
wrote:
> On Tue, 2009-02-17 at 14:07 -0500, Kanwar Ranbir Sandhu wrote:
>> On Mon, 2009-02-16 at 20:36 -0500, Ross Walker wrote:
>> > In Firefox go to your about:config page and scroll down to:
>> >
>> > network.negotiate-auth.delegation-uris
>
On Tue, 2009-02-17 at 10:27 -0700, Joseph L. Casale wrote:
> I haven't tried this one, but make note it lacks NTLMv2 and group support
> which made it non usable in my environment. Like Filipe suggested
> mod_auth_ntlm_winbind addresses this but it appears it's not actively
> maintained and I got s
On Tue, 2009-02-17 at 14:07 -0500, Kanwar Ranbir Sandhu wrote:
> On Mon, 2009-02-16 at 20:36 -0500, Ross Walker wrote:
> > In Firefox go to your about:config page and scroll down to:
> >
> > network.negotiate-auth.delegation-uris
> >
> > and
> >
> > network.negotiate-auth.trusted-uris
> >
> > a
On Mon, 2009-02-16 at 20:36 -0500, Ross Walker wrote:
> In Firefox go to your about:config page and scroll down to:
>
> network.negotiate-auth.delegation-uris
>
> and
>
> network.negotiate-auth.trusted-uris
>
> and for their string values enter your DNS domain to allow kerberos
> negotiation an
>Too bad. However, based on your information I found this on Google:
>
>http://sivel.net/2007/05/sso-apache-ad-1/
>
>Thanks Filipe. Now I guess I can have a crack at this too.
I haven't tried this one, but make note it lacks NTLMv2 and group support
which made it non usable in my environment. Like
>Ok, here are the default settings that my kickstart file creates to
>allow me to join the domain and have samba manage the keytab.
Ross,
I was out of town and missed this thread which is of great interest to me
as well. When you say "have samba manage the keytab" do you mean not use one
as have a
>-Original Message-
>From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf
>Of Ross Walker
>Sent: Tuesday, February 17, 2009 2:36 AM
>To: CentOS mailing list
>Subject: Re: [CentOS] Practical experience with NTLM/Windows Integrated
>Authenti
On Mon, Feb 16, 2009 at 8:34 PM, Christopher Chan
wrote:
> Thanks Ross, much appreciated.
>
>
> Now I have to see if I can translate the necessary stuff to Ubuntu
> (Centos 5 did not cut it for desktop - cost me almost all the new Linux
> desktops but it sure was the easiest to install and setup.
On Mon, Feb 16, 2009 at 7:33 PM, Kanwar Ranbir Sandhu
wrote:
> On Tue, 2009-02-17 at 08:05 +0800, Christopher Chan wrote:
>> Maybe kerberos authentication?
>>
>> I have winbind authentication working here but I have yet to get
>> kerberos working to get SSO on Linux desktops.
>
> Isn't winbind eno
On Mon, Feb 16, 2009 at 6:03 PM, Kanwar Ranbir Sandhu
wrote:
> On Mon, 2009-02-16 at 15:21 -0500, Ross Walker wrote:
>
>> Avoid NTLM all together and use Kerberos between apache/squid, Active
>> Directory and the Windows and Linux clients.
>>
>> Firefox and IE both support Kerberos authentication.
Thanks Ross, much appreciated.
Now I have to see if I can translate the necessary stuff to Ubuntu
(Centos 5 did not cut it for desktop - cost me almost all the new Linux
desktops but it sure was the easiest to install and setup. Ubuntu is a
pain to get the debian-installer to do what kickstart
.@centos.org] On
>>>>
>>> Behalf
>>>
>>>> Of Christopher Chan
>>>> Sent: Monday, February 16, 2009 8:53 AM
>>>> To: CentOS mailing list
>>>> Subject: Re: [CentOS] Practical experience with NTLM/Windows
>>>> Integrat
Kanwar Ranbir Sandhu wrote:
> On Tue, 2009-02-17 at 08:05 +0800, Christopher Chan wrote:
>
>> Maybe kerberos authentication?
>>
>> I have winbind authentication working here but I have yet to get
>> kerberos working to get SSO on Linux desktops.
>>
>
> Isn't winbind enough? Afterall, winb
On Tue, 2009-02-17 at 08:05 +0800, Christopher Chan wrote:
> Maybe kerberos authentication?
>
> I have winbind authentication working here but I have yet to get
> kerberos working to get SSO on Linux desktops.
Isn't winbind enough? Afterall, winbind gets the kerberos ticket when
the user logs i
topher Chan
>>> Sent: Monday, February 16, 2009 8:53 AM
>>> To: CentOS mailing list
>>> Subject: Re: [CentOS] Practical experience with NTLM/Windows
>>> Integrated
>>> Authentication [Apache]
>>>
>>>
>>>
>>>&
Kanwar Ranbir Sandhu wrote:
> On Mon, 2009-02-16 at 15:21 -0500, Ross Walker wrote:
>
>
>> Avoid NTLM all together and use Kerberos between apache/squid, Active
>> Directory and the Windows and Linux clients.
>>
>> Firefox and IE both support Kerberos authentication. I believe apache/
>> squi
> -Original Message-
> From: centos-boun...@centos.org
> [mailto:centos-boun...@centos.org] On Behalf Of Kanwar Ranbir Sandhu
> Sent: Monday, February 16, 2009 5:56 PM
> To: centos@centos.org
> Subject: Re: [CentOS] Practical experience with NTLM/Windows
> Inte
On Mon, 2009-02-16 at 15:21 -0500, Ross Walker wrote:
> Avoid NTLM all together and use Kerberos between apache/squid, Active
> Directory and the Windows and Linux clients.
>
> Firefox and IE both support Kerberos authentication. I believe apache/
> squid do too, but you need a manually create
On Mon, 2009-02-16 at 09:13 +0100, Sorin Srbu wrote:
> Probably not, but I was thinking there may be some obscure package somewhere
> on the 'net to do this.
There is - I found it last year, and it works. I have everything on my
work PC, so I'll let the list know tomorrow or later this week.
Reg
On Sat, 2009-02-14 at 09:14 -0600, Jeff wrote:
> OK, so you say it's possible, but how about some hints? You're leaving
> us completely in the dark here.
The problem is I don't have a step-by-step procedure to give you because
I didn't document as I went along. Working in smaller company usually
ing list
>> Subject: Re: [CentOS] Practical experience with NTLM/Windows
>> Integrated
>> Authentication [Apache]
>>
>>
>>>> No, NTLM auth works in Firefox (at least on Firefox on Windows, I
>>>> don't think it will work in other platforms thou
>> I don't think any other OS other than Windows has NTLM bindings.
>>
>
> Probably not, but I was thinking there may be some obscure package somewhere
> on the 'net to do this.
>
Hahaha, and I was hoping to flush it/them out.
___
CentOS mailing
>-Original Message-
>From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf
>Of Christopher Chan
>Sent: Monday, February 16, 2009 8:53 AM
>To: CentOS mailing list
>Subject: Re: [CentOS] Practical experience with NTLM/Windows Integrated
>A
>> No, NTLM auth works in Firefox (at least on Firefox on Windows, I
>> don't think it will work in other platforms though).
>>
>
> It doesn't. NTLM auth to eg Sharepoint sites works fine with Firefox in
> Windows. Setting the same things in Firefox under linux and having it login
> to sharep
>-Original Message-
>From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf
>Of Filipe Brandenburger
>Sent: Monday, February 16, 2009 3:58 AM
>To: CentOS mailing list
>Subject: Re: [CentOS] Practical experience with NTLM/Windows Integrated
>A
Filipe Brandenburger wrote:
> Hi,
>
> On Sun, Feb 15, 2009 at 19:02, Christopher Chan
> wrote:
>
>> Have fun. Oh, I believe this will only work with IE clients on the
>> desktop side of things unless Mozilla or whatever else out there has
>> kerberos support too.
>>
>
> No, NTLM auth works
Hi,
On Sun, Feb 15, 2009 at 19:02, Christopher Chan
wrote:
> Have fun. Oh, I believe this will only work with IE clients on the
> desktop side of things unless Mozilla or whatever else out there has
> kerberos support too.
No, NTLM auth works in Firefox (at least on Firefox on Windows, I
don't t
Sven wrote:
> Hi folks
>
> I wish to migrate Windows IIS webserver to CentOS. Killer-Feature is
> SSO with Windows Integrated Authentication[0].
>
Cor...you are asking for a tough one here.
> Anyone have experience with such a setup and can say a few sentences
> how to do that and if its stable?
On Fri, Feb 13, 2009 at 8:22 PM, Kanwar Ranbir Sandhu
wrote:
> On Fri, 2009-02-13 at 12:11 +0100, Sven wrote:
>> I wish to migrate Windows IIS webserver to CentOS. Killer-Feature is
>> SSO with Windows Integrated Authentication[0].
>>
>> Anyone have experience with such a setup and can say a few s
Hi,
Last year I tried to get this working on a CentOS 4 server, but I
could not get it running.
I used this module at the time:
http://adldap.sourceforge.net/wiki/doku.php?id=mod_auth_ntlm_winbind
I spent some time trying to figure out what was the issue, but
eventually I just gave up. I believe
On Fri, 2009-02-13 at 12:11 +0100, Sven wrote:
> I wish to migrate Windows IIS webserver to CentOS. Killer-Feature is
> SSO with Windows Integrated Authentication[0].
>
> Anyone have experience with such a setup and can say a few sentences
> how to do that and if its stable?
I've done this on a f
Hi folks
I wish to migrate Windows IIS webserver to CentOS. Killer-Feature is
SSO with Windows Integrated Authentication[0].
Anyone have experience with such a setup and can say a few sentences
how to do that and if its stable?
kind regards
Sven Aluoor
(Please CC me I am not on the list)
[0] ht
36 matches
Mail list logo
