[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [hobbit] Using ldap accounts with Xymon

To: Buchan Milne <bgmilne (at) staff.telkomsa.net>
Subject: Re: [hobbit] Using ldap accounts with Xymon
From: Stewart L <stewartl42 (at) gmail.com>
Date: Thu, 9 Apr 2009 07:28:49 -0400
Cc: hobbit (at) hswn.dk
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=b7EHmmD2JxXI1lMyXuEJDcnucqIGEA3tomkn84nR1EM=; b=ACih038RNxQmTU9x5WHx/orpfJ8iCIKfXTDYeO6v4NSG8Ij++I4Hm87UfYLhVxstE9 RlXXskucWZR94BUBqit2OSUbUTtmpFqh2s5VqbC/NJKccMgnCtHk0thLkGUcxkJbhJUv dv5UchV+2n/0hevZoUzjNXpAPZVV5/qKuJI8c=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=UWU4okbF4nk8NhvynlM5fvczasp5WDy6hksB/Uuz/QOkhpWa0Q8SomhIDvu8GmpBZ7 Cnt3YEjLdpBxwCpttzFOEk3IBCtAJitkC/xbtr1aLz3OYUNe0WjeaKLc3KpAgnvHnJX9 J8HAzKQe9jSji7bcmbjnjNgVNK5qSkpgktZ1A=
References: <49DBE349.000009.03588 (at) HOME2> <1d23acab0904071733p6f5cac2ekd042921807d36118 (at) mail.gmail.com> <200904090852.24480.bgmilne (at) staff.telkomsa.net>

I posted what I had because a bunch of folks asked me to off list.  While
not specific to LDAP, I'm sure some folks will find it useful.  Don't think
I mention NTLM or LDAP in the final docs I posted and the title was pretty
specific about where it worked.

Yes, I know it's Kerberos, not NTLM and I linked to the page where I gained
a bunch of this info which provides details on the keytabs for a bunch of
different environments.

Stewart

On Thu, Apr 9, 2009 at 2:48 AM, Buchan Milne <bgmilne (at) staff.telkomsa.net>wrote:

> On Wednesday 08 April 2009 02:33:40 Stewart L wrote:
> > I got this working RHEL5 against Active Directory.  Even got transparent
> > NTLM Authentication set up so it authenticates the user automatically.
>  I'd
> > be happy to share if you're looking at an AD environment.  Might work for
> > generic LDAP as well.
>
> Sorry to be pedantic, but the documentation you provided is not for NTLM
> authentication, but for Kerberized authentication. The Apache-related
> documentation should be valid in any Kerberos environment, but the details
> of
> how to issue keytabs depends on the implementation used for the KDC (e.g.,
> with Heimdal it is possible to create the keytab from the host that needs
> it,
> in place, no copying is required, but this is not the case with MIT).
>
> Your howto has nothing to do with LDAP btw ...
>



-- 
Stewart
--
If you see yourself in others, then whom can you harm?

References:
- Using ldap accounts with Xymon
  - From: Brian Catlin
- Re: [hobbit] Using ldap accounts with Xymon
  - From: Stewart L
- Re: [hobbit] Using ldap accounts with Xymon
  - From: Buchan Milne

Prev by Date: Which client-version for HPUX?
Next by Date: RE: [hobbit] undefined reference to `clock_gettime'
Previous by thread: Re: [hobbit] Using ldap accounts with Xymon
Next by thread: Lars-Ole G Nielsen/SCA/CSC is out of the office.
Index(es):
- Date
- Thread