Online demo Privacy policy GoBD notes Blog

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
current:single-sign-on [2015/08/04 13:16]
sj created
current:single-sign-on [2017/12/12 20:45] (current)
sj
Line 1: Line 1:
 ==== Single Sign-On (SSO) ==== ==== Single Sign-On (SSO) ====
  
-If you have a windows network with Active Directory, then it's possible to login with single sign-on. It means that your browser negotiates your authentication credentials with the server running piler.+If you have a windows network with Active Directory, then it's possible to login with single sign-on. It means that your browser negotiates your authentication credentials with the server running piler in the background.
  
 === Prerequisites=== === Prerequisites===
Line 7: Line 7:
 Make sure your clock is accurate, if necessary use ntpdate or other methods. Make sure your clock is accurate, if necessary use ntpdate or other methods.
  
-Verify /etc/resolv.conf settings to make sure your name resolution works properly. You may use the domain controllers as resolver dns servers.+Verify ///etc/resolv.conf// settings to make sure your name resolution works properly. You may use the domain controllers as resolver dns servers.
  
-Make sure /etc/samba/smb.conf is configured properly+Make sure ///etc/samba/smb.conf// is configured properly
  
 <code> <code>
Line 19: Line 19:
 </code> </code>
  
-How to setup on Debian / Ubuntu+=== How to setup on Debian / Ubuntu === 
  
 Install mod_auth_ntlm_winbind Install mod_auth_ntlm_winbind
Line 49: Line 50:
 </code> </code>
  
-How to setup on Centos 7+Note: With Samba 4, you need the following symlink: 
 + 
 +<code> 
 +ln -s /var/lib/samba/winbindd_privileged/pipe /var/run/samba/winbindd_privileged/pipe 
 +</code> 
 + 
 +=== How to setup on Centos 7 === 
  
 <code> <code>
Line 94: Line 102:
 Create a helper account in AD. It will help piler to query user data when someone logs in. Create a helper account in AD. It will help piler to query user data when someone logs in.
  
-Enable ntlm negotiation within the browser, and add the piler website+Enable NTLM negotiation within the browser, and add the piler website
  
 Firefox: Firefox:
Line 100: Line 108:
 <code> <code>
 about:config about:config
-network.negotiate-auth.trusted-uris +network.automatic-ntlm-auth.trusted-uris
 </code> </code>
  
Line 130: Line 138:
 With SSO enabled, users in the local database, eg. admin@local, should go to http://piler.yourdomain.com/login.php With SSO enabled, users in the local database, eg. admin@local, should go to http://piler.yourdomain.com/login.php
  
-If anything goes wrong, then be sure to set "LogLevel debug" in apache to see what's going on.+If anything goes wrong, then be sure to set "//LogLevel debug//" in apache to see what's going on.
  
Google Analytics Alternative