+ Post New Thread
Page 1 of 2 12 LastLast
Results 1 to 15 of 23
*nix Thread, Apache2 + AuthenNTLM +groups help needed in Technical; I have GLPI working on one of my Ubuntu servers with full NTLM. I want to make it so it ...
  1. #1
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106

    Apache2 + AuthenNTLM +groups help needed

    I have GLPI working on one of my Ubuntu servers with full NTLM. I want to make it so it only accepts one user group though.

    My current apache config is

    Code:
    <Directory "/var/www/ithelpdesk">
    PerlAuthenHandler Apache2::AuthenNTLM
    AuthType ntlm,basic
    AuthName GLPI
    require valid-user
    PerlAddVar ntdomain "DOMAIN DC1 DC2"
    PerlSetVar defaultdomain DOMAIN
    PerlSetVar splitdomainprefix 1
    PerlSetVar ntlmdebug 2
    PerlSetVar ntlmauthoritative off
    PerlsetVar basicauth off
    </Directory>
    Currently this authenticates everyone.
    I am not sure if what I want is possible with this method as I have tried alsorts of directive lines for groups.

    Any ideas?

    tia

    Chris

  2. #2
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    Ok if nobody knows the answer to this then how about me using a .htaccess to filter by group ? Is this possible? I can do the winbinf bit etc, it would just be the htaccess I would need some guidance on.

  3. #3

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    Code:
    require group admin
    ?

  4. #4
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    Quote Originally Posted by Geoff View Post
    Code:
    require group admin
    ?
    Is that a solution to my original query or the .htaccess? I have tried that with my original solution and it doesnt seem to work. I couldnt find any examples of it being used with groups either.
    I am willing to try another apache module as well if you can recommend one which will give me ntlm and allow me to use a require group directive.

    Rofl top google hit is this thread!

  5. #5

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    That was assuming you were going down the winbind route. Anyway, If you want straight NTLM...

    Code:
    AuthName "NTLM Authentication"
    NTLMAuth on
    NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp" --require-membership-of="YOUR_DOMAIN+administrators"
    NTLMBasicAuthoritative on
    AuthType NTLM
    NTLMBasicAuth on
    NTLMBasicAuthoritative on
    require valid-user

  6. #6
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    Thanks I will give that a go. Any quirks I should know about? Hmm what about the squid reference?

  7. #7

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    It's just the way ntlm auth talks to the client app.

  8. #8
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    What module needs to be enabled for this to work then as its moaning NTLMAuth is an invalid command.

  9. #9

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    mod_ntlm

  10. #10
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    Ok this has turned out to be more of a pain than I realised. I assume you are compiling you own as there are no packages? I cannot get it to compile on mine no matter what I try. I found a compiled one on the ubuntu forums but it says its for a different verion of apache grrr. Everything else is ready I just need to get a working mod_ntlm.so.

  11. #11

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    correct. I compiled my own.

  12. #12
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    Then you must have been using voodoo because eveytime I fix one error on the compiling it finds another. any chance you can attach yours?

  13. #13

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    here you go
    Attached Files Attached Files

  14. #14
    ChrisH's Avatar
    Join Date
    Jun 2005
    Location
    East Lancs
    Posts
    4,996
    Thank Post
    120
    Thanked 280 Times in 258 Posts
    Rep Power
    106
    wrong elfclass64.... Is your server 64 bit?

  15. #15

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,802
    Thank Post
    110
    Thanked 583 Times in 504 Posts
    Blog Entries
    1
    Rep Power
    224
    correct.

SHARE:
+ Post New Thread
Page 1 of 2 12 LastLast

Similar Threads

  1. Apache2, Ubuntu and proxying
    By localzuk in forum *nix
    Replies: 5
    Last Post: 7th June 2008, 10:12 PM
  2. Apache2 SSL
    By Jackd in forum *nix
    Replies: 12
    Last Post: 5th December 2007, 01:15 PM
  3. Apache2 & LDAP
    By jasonyates in forum How do you do....it?
    Replies: 4
    Last Post: 6th November 2007, 10:03 AM
  4. Mapping AD groups to Unix groups
    By localzuk in forum *nix
    Replies: 23
    Last Post: 11th February 2007, 08:57 PM
  5. advice needed on weather a new server is needed
    By projector1 in forum Hardware
    Replies: 3
    Last Post: 24th February 2006, 09:20 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •