William Muriithi
2017-03-08 00:02:39 UTC
Hello,
I have an SVN server that I want to migrate from LDAP to Kerberos.
Below is the relevant version of the packages the system is using:
mod_auth_kerb-5.4-14.el6.x86_64
mod_dav_svn-1.9.4-3.x86_64
subversion-1.9.4-3.x86_64
After making the necessary changes to work with kerberos, users were
able to authenticate well but I noticed the users ID now had kerberos
REALM. So instead of william, the username changed to
***@ENG.EXAMPLE.COM. This was a problem because users started
having locking issue, but also meant authorisation was broken.
To fix this, I added "KrbLocalUserMapping On" on apache
configuration. However, some user started having problem
authenticating.I am certain the problem involve LocalUserMapping as I
had the same experience yesterday and the problem cleared after
commenting out. I have been unable to find the root cause and had to
reverse the change.
Have anyone seem such a problem before? Would be grateful for any pointer.
Regards,
William
I have an SVN server that I want to migrate from LDAP to Kerberos.
Below is the relevant version of the packages the system is using:
mod_auth_kerb-5.4-14.el6.x86_64
mod_dav_svn-1.9.4-3.x86_64
subversion-1.9.4-3.x86_64
After making the necessary changes to work with kerberos, users were
able to authenticate well but I noticed the users ID now had kerberos
REALM. So instead of william, the username changed to
***@ENG.EXAMPLE.COM. This was a problem because users started
having locking issue, but also meant authorisation was broken.
To fix this, I added "KrbLocalUserMapping On" on apache
configuration. However, some user started having problem
authenticating.I am certain the problem involve LocalUserMapping as I
had the same experience yesterday and the problem cleared after
commenting out. I have been unable to find the root cause and had to
reverse the change.
Have anyone seem such a problem before? Would be grateful for any pointer.
Regards,
William