Apache authentication: NTLM Single Signon: Difference between revisions

From Alpine Linux
m (Added clarification that this doc is apache only, not samba howto)
No edit summary
Line 5: Line 5:
  samba (joined to a Windows Domain) with winbind running<br />
  samba (joined to a Windows Domain) with winbind running<br />
<br />
<br />
add apache user to winbind group<br />
Note: This howto does not show how to join Samba to a Windows domain, only how to setup the Apache authentication helper that uses the NTLM protocol while authenticating to such a domain.
Note: This howto does not show how to join Samba to a Windows domain, only how to setup the Apache authentication helper that uses the NTLM protocol while authenticating to such a domain.
add to httpd.conf (virtual host):<br />
add to httpd.conf (virtual host):<br />

Revision as of 09:12, 8 June 2011

NTLM single sign on under Apache
Install needed packages (you will need both the main and testing repositories from edge):

apache2
apache-mod-auth-ntlm-winbind
samba (joined to a Windows Domain) with winbind running


add apache user to winbind group
Note: This howto does not show how to join Samba to a Windows domain, only how to setup the Apache authentication helper that uses the NTLM protocol while authenticating to such a domain. add to httpd.conf (virtual host):

AuthType NTLM
NTLMauth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
Require user jbilyk

Don't forget to customize the final line with the username(s) that you wish to limit usage to. Alternatively, make the final line "Require valid user" and change the helper line to inlude something like "-require-membership-of="WORKGROUP\Domain Users"".
Restart apache and test