views:

82

answers:

2

If I wanna authenticate windows accounts to AD when a user browses to an apache-running site on a Linux server, here are the usual suspects:  

  • List item
  • mod_ntlm (which I used in a distant past) - last update on 2003
  • mod_auth_ntlm_winbind - last update on 04/2007
  • mod_auth_kerb - last update on 12/2008

No luck getting any of those to work with a recent, fully patched, windows 2000 AD server.

Do you have any clues as to a recipe that does work? 

-Peter

-- UPDATE

my current build environment is this:

  • OS: Ubuntu Lucid
  • Apache 2.2.14 (from repos)

the auth modules I recompiled from source.

A: 

Did you just try to drop binary modules onto an existing apache binary, or did you rebuild Apache and the modules from source on your system?

The last time I did this (admittedly 3+ years ago), I found a combination of Apache+mod_ntlm that worked, but I ended up using a less-than-current version of Apache, in order to match the version of mod_ntlm that I found. My conclusion at the time was that if I wanted current, I was going to have to rebuild Apache and mod_ntlm from source, and I didn't have the time to do that.

Unfortunately, that was two jobs ago, and I don't have access to the configuration details.

Craig Trader
good point, Trader! I added the description of my environment to the question. I did this back in 2004 with mod_ntlm, but I can't seem to duplicate it now. Also, having Ubuntu complicates things, as canonical folks seem to like to change the standard location where files and libraries are placed... Unfortunately that is the environment I have to work with.
Peter Carrero
Ah ... I was running Apache on Windows (don't ask why).
Craig Trader