Apache authentication: NTLM Single Signon: Difference between revisions

From Alpine Linux
No edit summary
mNo edit summary
Line 12: Line 12:


add to httpd.conf (virtual host):
add to httpd.conf (virtual host):
<pre>AuthType NTLM
{{cat|/etc/apache2/httpd.conf|AuthType NTLM
NTLMauth on
NTLMauth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
Require user <users>
Require user <users>
</pre>
}}


Ensure that all users requiring authentication are added to the last line.
Ensure that all users requiring authentication are added to the last line.

Revision as of 18:04, 7 December 2018

NTLM single sign on under Apache

Note: This guide assumes you have Samba configured and connected to a Windows domain

Install needed packages:

# apk add apache2 apache-mod-auth-ntlm-winbind

Add apache user to winbind group:

# addgroup <user> winbind

add to httpd.conf (virtual host):

Contents of /etc/apache2/httpd.conf

{{{2}}}

Ensure that all users requiring authentication are added to the last line.

Alternatively, allow all valid users who are members of the winbind domain with the following:

AuthType NTLM
NTLMauth on
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp -require-membership-of="WORKGROUP\Domain Users""
Require valid user

Restart apache and test:

# rc-service apache stop && rc-service apache start