LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Mod_auth_kerb and one way trust
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 11-11-2015, 09:35 AM   #1
cmap16
LQ Newbie
 
Registered: Nov 2015
Posts: 1

Rep: Reputation: Disabled
Mod_auth_kerb and one way trust

hi folks,
Hoping someone can help. We have a sles 11 sp4 server that can authenticate ok to an overall domain and subdomains that have trusts. Our krb5.conf just has the overall domain in it and the subdomains do work as if by magic.

Apache 2.2.23, mod_auth_kerb 5.4.

We have a new domain thats been added to the trusts of this overall domain as a one way trust - it trusts the overall domain. I'm told this means the groups are nested in this overall domain. I can run wbinfo -u "subdomain/user" and pull back the sid. I can't however check the group for example with wbinfo -g group, or the whole domain with wbinfo -u | grep subdomain which I can with the others.

I'm thinking this isn't working because of the one way trust and mod_auth_kerb is seeing them as on pass through user@subdomain and not this overall nested domain - is there any way to get this to work in krb5 config perhaps or active directory config thats missing ?

The apache error is "invalid token, no error" and sometimes "client not found in kerberos database". They get login prompted their end and do have integrated windows authentication ticked. Am I even on the right track ? Any pointers much appreciated or even how to debug it further. Thanks
Ely
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
trust AODV udaya shree Linux - Networking 1 03-03-2015 12:33 PM
[SOLVED] mod_auth_kerb compiling problems jeffmonte Linux - Server 3 04-18-2013 09:38 AM
mod_auth_kerb+Mozilla browser in windows + apache server in Linux kulg123 Linux - Software 0 07-08-2008 12:09 AM
M$ trust them? fatpig General 9 02-05-2002 11:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 01:54 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration