How do I get a 'passthrough' authentication to AD groups with apache - so that the browser does not a popup username/password box on windows clients ?
I've been using LDAP so far, it works but users get an extra hassle of adding their username and password.
Code:<Directory /var/www/vhosts/sitename/html> Options All ExecCGI -Indexes Order allow,deny Allow from all AuthLDAPAuthoritative on AuthType Basic AuthName "staff" AuthLDAPBindDN "cn=LDAP_BIND,cn=Users,dc=college,dc=internal" AuthLDAPBindPassword secret AuthLDAPURL ldap://server:389/dc=college,dc=internal?sAMAccountName?sub?(objectClass=*) AuthName "secure" require group cn=Staff,ou=staff,dc=college,dc=internal </Directory>
Indeed, you must use NTLM authentication if you want authentication to be transparent.
I'd been avoiding seting up winbind on this box, but the webmanager wanted smb access anywaya *nix server?
If *nix, kerberos, winbind and mod_auth_ntlm_winbind are your friends.
There are currently 1 users browsing this thread. (0 members and 1 guests)