You are not logged in.

Announcement

 Téléchargez la dernière version stable de GLPI      -     Et vous, que pouvez vous faire pour le projet GLPI ? :  Contribuer
 Download last stable version of GLPI                      -     What can you do for GLPI ? :  Contribute

Pages: 1

#1 2018-03-17 23:49:48

Bedoui
Member
Registered: 2017-08-10
Posts: 68

Enable SSO (kerberos) with GLPI : problems

I'm using GLPI 9.1.2 packaged with EyesOfnetwork (centos 7 )
I'm looking to enable single sign on against active directory .

the FQDN are added to the local Interent sites on Internet Explorer

On the AD i generate a   keytab   file based on specific user credentials  .

under   /etc/krb5.conf   , i fill the file like this :

[libdefaults]
default_realm = GCT.COM.TN
[realms]
GCT.COM.TN = {
kdc = srv-adgctgab.gct.com.tn
admin_server = srv-adgctgab.gct.com.tn
}
[domain_realm]
srv-adgctgab.gct.com.tn = GCT.COM.TN
.srv-adgctgab.gct.com.tn = GCT.COM.TN

I make an   ntpdate   between a glpiServer and AD

Finally on changing glpi.conf this keys KrbAuthRealms ,KrbServiceName ,Krb5KeyTab ,KrbMethodNegotiate ,KrbMethodK5Passwd are not coloried   is that mean apache don't reconginze them ?

<Directory /srv/eyesofnetwork/glpi>
AuthType kerberos
AuthName "kerberos authenticated"
KrbAuthRealms GCT.COM.TN
KrbServiceName HTTP/eonHelpdesk.gct.com.tn@GCT.COM.TN
Krb5KeyTab /etc/eonHelpdesk.keytab
KrbMethodNegotiate ON
KrbMethodK5Passwd ON
require valid-user
Options None
AllowOverride Limit Options FileInfo
Require all granted
</Directory>

thanks for your time and support

Offline

#2 2018-03-21 11:18:26

Bedoui
Member
Registered: 2017-08-10
Posts: 68

Re: Enable SSO (kerberos) with GLPI : problems

Any alternnative to progress in this issue ? at least to understand the cause of problems

Offline

Pages: 1

Board footer

Powered by FluxBB