apache and kerberos
Hey i am trying to authenticate my apache to active directory true kerberos. But i keep getting this error in my apache logs:
krb5_get_init_creds_password() failed: Cannot find KDC for requested realm however everything seems to be awright in my opinion can someone take a look. httpd.conf looks like this -------------------------- <Directory /home/vanessa/> Options FollowSymLinks AllowOverride None AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd On KrbAuthRealms SERVER.EXAMPLE.COM Krb5KeyTab /etc/temp/auth_kerb.keytab require valid-user </Directory> /etc/temp/auth_kerb.keytab looks like this --------------------------- HTTP/SERVER.EXAMPLE.COM@EXAMPLE.COM krb5.conf looks like this -------------------------- [libdefaults] ticket_lifetime = 24000 default_realm = EXAMPLE.COM dns_lookup_realm = false dns_lookup_kdc = false [realms] EXAMPLE.COM = { kdc = SERVER.EXAMPLE.COM:88 } [domain_realm] .example.com = EXAMPLE.COM example.com = EXAMPLE.COM [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } ____________________________________ Then i try localhost/vanessa a popup appears where i need to type in credentials from active directory, i pass them in correctly. and then it pops up again and again and again and again. Then i viewed the apache error logs==> krb5_get_init_creds_password() failed: Cannot find KDC for requested realm Help? |
Hey there did you get this one to work? Having similiar issues but am outa steam too, so just browsin' old threads :-)...
Basically your apache is saying, that it can't find any KDC(your domain controller), so the authentication is failing. Perhaps, did you try to authenticate using Code:
kinit -k Code:
kinit someuser@EXAMPLE.COM Code:
kinit -k HTTP/SERVER.EXAMPLE.COM@EXAMPLE.COM |
All times are GMT -5. The time now is 08:22 PM. |