+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 23 of 23
*nix Thread, Apache2 + AuthenNTLM +groups help needed in Technical; Mine is a 32bit server. Thwarted at every turn! It's a conspiracy I tell you! Why are there no official ...
  1. #16
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,009
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    Mine is a 32bit server. Thwarted at every turn! It's a conspiracy I tell you!
    Why are there no official packages for this? Is it something to do with M$ proprietry rubbish or something?
    Anyone else got a this file for 32 bit compiled for a recent version of Ubuntu?

  2. #17
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,009
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    Ok making some progress. I got it compiled with these files and instructions:

    Personal Bytes mod_ntlm2 on Apache 2.2.x

    Looking at the code block you gave me Geoff I have come to the conclusion you are using using mod_ntlm_winbind as only this has some of the directives you have listed.

  3. #18

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    perhaps. I have that module installed too..

  4. #19
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,009
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    You will be because mod_ntlm doesnt seem to do groups unless you use some very basic static list. Of course the search is broken on the samba site due to their search host going down and all the google links I tried send me to an old link that doesnt work! That about sums up my day :\

    Thanks for all the help I am sure once the samba site is fully operational I can use the method you described earlier.

  5. #20

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,804
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    You might also want to look at mod_auth_sspi while you're waiting.

    Apache module mod_auth_sspi

  6. #21
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,009
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    I thought that was for Apache on Windows server?

  7. #22
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    5,009
    Thank Post
    120
    Thanked 282 Times in 260 Posts
    Rep Power
    108
    Ok I have done this finally. The samba site search is still down but I found a reference from another website.
    So this does not end up being one of the hundred incomplete topics I have read on this topic I shall complete shall tell you what I have done and it can be wikified later.

    OS: Ubuntu 8.10
    Apache 2.2.9

    This assumes you have Samba and winbind already setup so you get use the following commands to get users and groups:

    Code:
    wbinfo -u
    wbinfo -g
    Use a "+" as your winbind seperator in your smb.conf as I could not get it to work with "\"

    I wanted NTLM authentication on Apache but I wanted to restrict the website to a certain group eg teachers. mod_ntlm will not do anything with groups. mod_ntlm_winbind will do as I want.

    Get it here:

    Index of /ftp/unpacked/lorikeet/mod_auth_ntlm_winbind

    You will need some complier tools and some apache dev tools so
    apt-get install build-essentials apache2-mpm-prefork-dev

    You may also need the package autoconf

    In the directory with mod_ntlm_winbind.c
    Code:
    ./configure
    apxs2 -DAPACHE2 -c -i mod_ntlm_winbind.c
    Once this is done it actually gives the module the name of

    Code:
    mod_auth_ntlm_winbind
    You then need to create a configuration file to load the mod in the apache mod dir.

    Code:
    nano /etc/apache2/mods-enabled/mod_auth_ntlm_winbind.load
    Then add the entry

    Code:
    LoadModule auth_ntlm_winbind_module /usr/lib/apache2/modules/mod_auth_ntlm_winbind.so
    The directive for the web directory is:

    Quote Originally Posted by Geoff View Post

    Code:
    AuthName "NTLM Authentication"
    NTLMAuth on
    NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp --require-membership-of=YOUR_DOMAIN+usergroup"
    NTLMBasicAuthoritative on
    AuthType NTLM
    NTLMBasicAuth on
    NTLMBasicAuthoritative on
    require valid-user
    Restart samba, winbind and apache2 or reboot if you are lazy.

    If you are getting 500 internal server errors then you need to change permission of the following file.

    Code:
    chmod 750 /var/run/samba/winbindd_privileged
    Add apache user (www-data) to the group winbindd_priv

    Code:
    usermod -G winbindd_priv www-data
    and restart winbind.

    That should get you going

  8. #23

    Join Date
    Jun 2014
    Posts
    1
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0
    Hi ChrisH
    Can you please guide me throw the instalation of the Apache2::AuthenNTLM. I followed the documentation from here but with no luck
    Any help or idea would be much appreciated.
    Thank you.

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. Apache2, Ubuntu and proxying
    By localzuk in forum *nix
    Replies: 5
    Last Post: 7th June 2008, 10:12 PM
  2. Apache2 SSL
    By Jackd in forum *nix
    Replies: 12
    Last Post: 5th December 2007, 01:15 PM
  3. Apache2 & LDAP
    By jasonyates in forum How do you do....it?
    Replies: 4
    Last Post: 6th November 2007, 10:03 AM
  4. Mapping AD groups to Unix groups
    By localzuk in forum *nix
    Replies: 23
    Last Post: 11th February 2007, 08:57 PM
  5. advice needed on weather a new server is needed
    By projector1 in forum Hardware
    Replies: 3
    Last Post: 24th February 2006, 09:20 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •