After AD Admin added a SQL server SPN using the setspn tool, the linux server is not able to use the SPN using MS SQL Server ODBC Driver 18 with error “[HY000] [Microsoft][ODBC Driver 18 for SQL Server]SSPI Provider: Server not found in Kerberos database” I have a working kerberos based authentication to one server (dev), and I am trying
Tag: kerberos
Windows AD and Its Key tab File
I just have a simple question . I have windows Active directory . I have created key tab file from it with command : Now as per my understanding this file consist of username along with its password in encrypted format. When I will try to authenticate with this keytab file, Request served by the file only or This will
Avoiding kinit when cache still has credentials
I have a systemd service that calls a webservice to perform some maintenance periodically (every minute). The service looks like: now this destroy and reinitializes my kerberos ticket every time. the kinit can take up to 2-3 min. I would like to avoid that step and only kinit if needed. any ideas? Answer After researching a bit more, I realized
401 SPNEGO SSO with Linux client
I can’t manage to configure my Ubuntu VM to single sign-on on my Spring Security web application under Spnego. Did I do anything wrong or am I missing something? I already got to SSO on a Windows 7 VM, so I believe it’s Linux specific. My configuration is detailed below. Infra I have four machines that run in two different
Identifying http request with KERBEROS from Java runing on Linux
I have some environment with both Linux and Windows servers. Authentication is handled by Kerberos. I want to make some JAVA code which automatically authenticates the http requests it makes as being done by the logged in user executing the program. For example, if I have this code: when I execute it from windows, it works out of the box.
Deal with Squid Kerberos auth and Squidguard ldapusersearch
I’m meeting troubles with Squid Kerberos auth and the Squidguard ldapusersearch who I use to apply acl by Active Directory groups membership. The problem is : Squid and Squidguard see my user as : user@domain.local so the ‘%s’ variable of squidguard is ‘user@domain.local’ Into my ldap query there is no default property who can interpret this string. Example : And
How to install a Kerberos server on Debian
I’m trying to build up a Kerberos Server on a Debian computer but I’m kind of lost with all the configuration files. Can anyone tell me any good step by step tutorial of how to install and configure a kerberos Server? Or what’s the best distriburion where I can install Kerberos? Answer Debian’s packages try to do most of the