Is Kerberos Required on Linux to Enable NTLM Authentication ONLY Using Samba / Winbind to a Windows AD Domain?
Denis Cardon
denis.cardon at tranquil-it-systems.fr
Sat Nov 22 10:29:26 MST 2014
Hi Vince,
> I think I may be working of bad setup instructions which never mention any Kerberos setup pre-requisite prior to installing & configuring Samba / Winbind on a Linux box for the sole purpose of enabling NTLM authentication to a Windows AD domain to connect to a Share Point site (which uses that authentication).
>
> So the question... Is Kerberos Required on Linux to Enable NTLM Authentication ONLY Using Samba / Winbind to a Windows AD Domain?
it is much easier to configure sso through kerberos. You can check on a
win7 desktop if internet explorer has negotiated kerberos or ntlm auth.
After connecting to your sharepoint, you check if you have a ticket in
your kerberos credential cache using the command klist. You should have
something like HTTP/myserver.mydomain.local at MYDOMAIN.LOCAL.
If it is the case, then you install krb5-user/krb5-workstation and edit
your /etc/krb5.conf file, then try kinit. If it works, in your firefox,
you go in about:config and add your dns domain in the
network.negotiate-auth.trusted-uris key.
Hope this helps,
Denis
>
> Thanks... Vince
>
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr
More information about the samba-technical
mailing list