LinuxQuestions.org
Old 03-25-2013, 10:19 AM   #1
MeeLee
Member
 
Registered: Aug 2009
Posts: 48

Rep: Reputation: 3
Iptables for kerberos


Hello,

Does anyone know what port would need to be open on iptables to allow the getent group command to return users from Active Directory?

Currently with iptables off I can execute both getent group and wbinfo -g and a list of both local and AD users is successfully returned.

With the firewall on, getent group only returns the list of local users and wbinfo -g still returns AD users.

Also, what Kerberos ports should be open in general to allow tickets to be successfully renewed?

Ports currently open are tcp/udp:

88
749
754
4444

Any help would be much appreciated.

L
 
Old 03-25-2013, 12:25 PM   #2
vishesh
Member
 
Registered: Feb 2008
Distribution: Fedora,RHEL,Ubuntu
Posts: 647

Rep: Reputation: 66
I guess you should also try opening ports tcp:389 and udp:53

Thanks
 
Old 03-27-2013, 11:01 AM   #3
MeeLee
Member
 
Registered: Aug 2009
Posts: 48

Original Poster
Rep: Reputation: 3
Quote:
Originally Posted by vishesh
I guess you should also try opening ports tcp:389 and udp:53

Thanks
Many thanks for this. It still doesn't work but that's not to say you haven't solved it, as it doesn't work anymore without iptables on...

...I think I need to re-join the domain, then getent group with the new rules and a new ticket in place.
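
Added example, not part of the thread: one way to find which ports the firewall is dropping while getent group runs is to log the drops and tally them by port, instead of guessing. The log prefix "FW-DROP: ", the LOG rules in the comments and the sample log lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumed setup (not from the thread): with a default DROP policy, appended
# LOG rules see whatever no earlier rule accepted, for example
#   iptables -A INPUT  -j LOG --log-prefix "FW-DROP: "
#   iptables -A OUTPUT -j LOG --log-prefix "FW-DROP: "
# Run `getent group`, then feed the kernel log to tally_drops.

# Reads log lines on stdin; prints "count direction proto/port", busiest first.
# $1 is the log prefix to match (defaults to the hypothetical "FW-DROP: ").
tally_drops() {
    awk -v prefix="${1:-FW-DROP: }" '
        index($0, prefix) == 0 { next }          # not one of our LOG lines
        {
            in_if = ""; proto = ""; spt = ""; dpt = ""
            for (i = 1; i <= NF; i++) {
                n = index($i, "=")
                if (n == 0) continue
                k = substr($i, 1, n - 1); v = substr($i, n + 1)
                if (k == "IN") in_if = v
                else if (k == "PROTO") proto = v
                else if (k == "SPT") spt = v
                else if (k == "DPT") dpt = v
            }
            if (spt == "" || dpt == "") next     # ICMP etc. carry no ports
            dir = (in_if == "") ? "out" : "in"   # locally generated: IN= is empty
            # Heuristic: the service port is the lower one; the other is ephemeral.
            port = (spt + 0 < dpt + 0) ? spt : dpt
            count[dir " " tolower(proto) "/" port]++
        }
        END { for (key in count) print count[key], key }
    ' | sort -k1,1nr -k2
}

# Constructed kernel log lines (documentation addresses), not from a real host.
sample_log() {
    cat <<'EOF'
Mar 25 10:21:03 client1 kernel: FW-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TTL=64 ID=1 DF PROTO=TCP SPT=51514 DPT=389 WINDOW=14600 SYN URGP=0
Mar 25 10:21:04 client1 kernel: FW-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=192.0.2.20 LEN=60 TTL=64 ID=2 DF PROTO=TCP SPT=51514 DPT=389 WINDOW=14600 SYN URGP=0
Mar 25 10:21:04 client1 kernel: FW-DROP: IN= OUT=eth0 SRC=192.0.2.10 DST=192.0.2.20 LEN=71 TTL=64 ID=3 PROTO=UDP SPT=40211 DPT=53 LEN=51
Mar 25 10:21:05 client1 kernel: eth0: link up
EOF
}

sample_log | tally_drops
```

Each output line names a direction and port that traffic was dropped on during the test, which is the list to compare against the rules already in place.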
 
  

