Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1758): [client 10.105.5.131] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1758): [client 10.105.5.131] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1264): [client 10.105.5.131] Acquiring creds for HTTP/<FQDN>@<LOCAL.DOMAIN>
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1411): [client 10.105.5.131] Verifying client data using KRB5 GSS-API
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1427): [client 10.105.5.131] Client didn't delegate us their credential
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1446): [client 10.105.5.131] GSS-API token of length 22 bytes will be sent back
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1758): [client 10.105.5.131] kerb_authenticate_user entered with user (NULL) and auth_type Kerberos
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1264): [client 10.105.5.131] Acquiring creds for HTTP/<FQDN>@<LOCAL.DOMAIN>
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1411): [client 10.105.5.131] Verifying client data using KRB5 GSS-API
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1427): [client 10.105.5.131] Client didn't delegate us their credential
- [Thu Jun 11 18:04:21 2015] [debug] src/mod_auth_kerb.c(1125): [client 10.105.5.131] GSS-API major_status:00090000, minor_status:00000000
- sudo kinit -t /etc/krb5.keytab HTTP/<FQDN>
- Credentials cache: FILE:/tmp/krb5cc_0
- Principal: HTTP/<FQDN>@<LOCAL.DOMAIN>
- Issued Expires Principal
- Jun 11 17:21:58 2015 Jun 12 00:01:57 2015 krbtgt/<LOCAL.DOMAIN>@<LOCAL.DOMAIN>
- [libdefaults]
- ticket_lifetime = 24000
- default_realm = <LOCAL.DOMAIN>
- dns_lookup_realm = false
- dns_lookup_kdc = false
- default_keytab_name = /etc/krb5.keytab
- rdns = false
- [realms]
- KC.KPLUS = {
- kdc = <dc.ip>:88
- admin_server = <dc.ip>:88
- default_domain = <LOCAL.DOMAIN>
- }
- [domain_realm]
- .<local.domain> = <LOCAL.DOMAIN>
- <local.domain> = <LOCAL.DOMAIN>
- [appdefaults]
- pam = {
- debug = false
- ticket_lifetime = 36000
- renew_lifetime = 36000
- forwardable = true
- krb4_convert = false
- }
- AddHandler cgi-script .cgi .pl
- Options +ExecCGI
- DirectoryIndex index.pl
- AuthName "<LOCAL.DOMAIN>"
- AuthType Kerberos
- Krb5Keytab /etc/krb5.keytab
- KrbAuthRealm <LOCAL.DOMAIN>
- KrbMethodNegotiate on
- KrbServiceName HTTP/<FQDN>@<LOCAL.DOMAIN>
- KrbMethodK5Passwd off
- KrbSaveCredentials on
- KrbVerifyKDC off
- Require valid-user
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement