On 29/06/16 11:03, Werner Flamme wrote:
Paul Groves [29.06.2016 11:32]:
Hi All,
Still trying to figure this one out. Had no response at all from the apache forum.
Just to recap, We have a windows domain and an opensuse 42.1 apache 2.4 web /Lamp server
I have set up Yast > Windows Domain Membership and I can log in as a domain user successfully. in the command line.
Now we have several websites that need to use active directory authentication. (osticket and some of our own creations). This is where I am stuck. I cannot figure out how to get apache to use this authentication method. What do you mean by "SSO" and "active directory authentication"? Do you want the users to log in via username and password, and have apache verfify this agains LDAP, or do you want to login passwordless via Kerberos ticket?
If you want to use AD as LDAP, it is quite simple. But you need a user in AD that is allowed to check the user/password combination. Howtos are easily found using a search engine of your choice, as I did ... and found <http://www.held-im-ruhestand.de/software/apache-ldap-active-directory-authentication.html>, for example. Maybe you prefer <https://support.microsoft.com/en-us/kb/555092>, which shows another way to do it (as can be expected by M$ :D)
HTH, Werner
by sso I mean single sign on (like in IIS) so that when a domain user logged in opens Internet explorer it logs in automatically (firefox and chrome prompt for login). Exactly like on our IIS server. Which way would you reccomend? Worst case scenario, I would at least like to be able to authenticate against AD with apache even if it is not automatic. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org