Next Active Directory Integration

From Michael's Information Zone
Revision as of 17:19, 5 December 2017 by Michael.mast (talk | contribs) (Created page with "Installing for WP **VERSION-HERE** with SSO enabled.<br> Looking to use kerberose for this one, eventually replacing with SAML. <br> <br> DUMP OF NOTES HERE <ref>https://activ...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Installing for WP **VERSION-HERE** with SSO enabled.
Looking to use kerberose for this one, eventually replacing with SAML.

DUMP OF NOTES HERE [1]

  • mv kerberos.keytab /var/www/html/
  • chown apache:apache /var/www/html/kerberos.keytab
  • kinit -p admin@domain.tld
  • yum install mod_auth_gssapi
  • nano /etc/httpd/conf.d/vhosts.conf

[2] 

<Location /private>
    AuthType GSSAPI
    AuthName "GSSAPI Single Sign On Login"
    GssapiCredStore keytab:/etc/httpd.keytab
    Require valid-user
</Location>
  • nano /etc/httpd/conf.d/vhosts.conf
  • https://active-directory-wp.com/docs/Networking/Single_Sign_On/Kerberos_SSO_with_Apache_on_Linux.html
  • https://github.com/modauthgssapi/mod_auth_gssapi
    • Retrieved from "https://wiki.1701technology.com/index.php?title=Next_Active_Directory_Integration&oldid=550"