Not logged in. · Lost password · Register
Forum: General Help and Support Features and Functionality RSS
Kerberos plugin?
Avatar
moboho #1
Member since Feb 2007 · 3 posts
Group memberships: Members
Show profile · Link to this post
Subject: Kerberos plugin?
Hi there,

my Dokuwiki driven Intranet ist protected by an .htaccess on top of the documents tree. The problem is, that when I remove this protection, I have to password enable every user who wants to participate. Every time someones login there is a pink info bar on top of the page telling that the username a/o password is wrong. I guess, Dokuwiki gets these from apache.

The central management of passwords is what I want to keep, so: Is there a Kerberos authentication plugin around there? Or which files do I have to adjust to get a Kerberos login working?

Any hint?

Thanks in advance
-markus
Avatar
BlackFog #2
Member since May 2006 · 95 posts
Group memberships: Members
Show profile · Link to this post
I have a working ADS config (derived) from the dokuwiki wiki:
Quote by local.protected.php:
$conf['auth']['ldap']['server']              = 'subdomain.domain.tld';
$conf['auth']['ldap']['binddn']             = '%{user}@%{server}';
$conf['auth']['ldap']['usertree']           = 'cn=Users,dc=subdomain,dc=domain,dc=tld';
$conf['auth']['ldap']['userfilter']           = '(userPrincipalName=%{user}@%{server})';
$conf['auth']['ldap']['mapping']['name'] = 'displayname';
$conf['auth']['ldap']['mapping']['grps']  = array('memberof' => '/CN=(.+?),/i');
But I can't say anything to a native Kerberos plugin.

BlackFog
Avatar
moboho #3
Member since Feb 2007 · 3 posts
Group memberships: Members
Show profile · Link to this post
This looks pretty good. And quite easy. I will try this, thanks.
Avatar
moboho #4
Member since Feb 2007 · 3 posts
Group memberships: Members
Show profile · Link to this post
In reply to post #2
Another question regarding your ADS configuration: It seems to be a native LDAP connection. Do you know which port is used while connecting to the Windows machine? I use the default Kerberos one with UDP/88. Every others are blocked by a firewall.
Avatar
BlackFog #5
Member since May 2006 · 95 posts
Group memberships: Members
Show profile · Link to this post
Sry for the late answer, port 389 is used for LDAP.


BlackFog
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Go to forum
Imprint
This board is powered by the Unclassified NewsBoard software, 20150713-dev, © 2003-2015 by Yves Goergen
Current time: 2019-05-24, 09:25:57 (UTC +02:00)