Sponsored Link

Apache2 : Kerberos Authentication2019/01/25

Limit accesses on specific web pages and use Windows Active Directory users for authentication with SSL connection.
Domain Server : Windows Server 2016
NetBIOS Name : FD3S01
Domain Name :
Hostname :
[1] For example, set Kerberos Authentication under the directory [/srv/www/htdocs/auth-kerberos] and also set to be required SSL/TLS settings.
# add extension module first

www:~ #
SUSEConnect -p PackageHub/15/x86_64
www:~ #
zypper -n install apache2-mod_auth_kerb
www:~ #
a2enmod auth_kerb

www:~ #
vi /etc/krb5.conf
# line 9: uncomment and change to your Realm

default_realm =
# add under the [realms] section

    SRV.WORLD = {
        kdc =
        admin_server =
# create keytab HTTP/[AD's hostname or IP address]@[Realm name]

www:~ #
echo "HTTP/" > /etc/apache2/krb5.keytab
www:~ #
vi /etc/apache2/conf.d/auth_kerberos.conf
# create new

<Directory /srv/www/htdocs/auth-kerberos>
    AuthType Kerberos
    AuthName "Kerberos Authntication"
    KrbAuthRealms SRV.WORLD
    Krb5Keytab /etc/apache2/krb5.keytab
    KrbMethodNegotiate Off
    KrbSaveCredentials Off
    KrbVerifyKDC Off
    Require valid-user

www:~ #
systemctl restart apache2
# create a test page

www:~ #
mkdir /srv/www/htdocs/auth-kerberos

www:~ #
vi /srv/www/htdocs/auth-kerberos/index.html
<div style="width: 100%; font-size: 40px; font-weight: bold; text-align: center;">
Test Page for Kerberos Auth
[2] Access to the test page from a client computer with a web browser. Then authentication is required like follows as a setting, answer with a user which is added in Active Directory.
[3] Just accessed.
Matched Content