mod_vas_auth, Apache2, svn and AD groups
Hi,I've setup mod_vas_auth to authenticate users and control access to Subversion repositories.It succeeds when the AuthzSVNAccessFile file contains username (from the AD).Does anyone knows if I can...
View ArticleStuck with kerberos authentication to Sharepoint
I have to connect to MS IIS server using SPNEGO token with Kerberos ticket inside, exactly as Internet Explorer does it.If I use java GSSManager.initiateContext() it does request tickets with incorrect...
View ArticleKerberos SSO with 1 way Trust
I had configured a Kerberos SSO with 1way trust between two domain... But on logging in i am getting the following exception...[DEBUG] Thu Oct 25 02:56:04 PDT 2012 jcsi.kerberos: resetting...
View ArticleSegmentation fault when mod_auth_vas finds no matches
Hello,We are using mod_auth_vas.so 3.6.7 with Oracle HTTP Server which is effectively Apache 2.0. Recently, we have noticed that an Apache process is terminated with a segmentation fault in case of...
View Articlejavax.security.auth.login.LoginException: Could not obtain TGT
Hi,Not sure if this is the correct place to post this question, but we are getting this error when trying to authenticate a user. This seems to happen only sporadically.May I know what are the possible...
View ArticleVAS-Authentication without HTTP/ -Service-Account?
Hi everybody!I am trying to bring up VAS authentication for one of our webservers. The machine has been joined to our AD previously and unix user authentication is working fine.Unfortunately our rights...
View Articlevasd won't stop
On a couple AIX 5.3 servers (running DB2), the vasd daemons cannot be stopped by using "/etc/rc.d/init.d/vasd stop". Instead, I have to "kill" the processes in order for them to stop.vasd reports...
View Articlecross-forest authentication - failed to get ldap/ service ticket
Hi all,I'm struggling with a weird problem, I hope you can help ...We have two forests, which are trusted both ways:A.DOM (4x DC's dc1/dc2/dc3/dc4.a.dom)B.NET (4x DC's dc1/dc2/dc3/dc4.b.net)UNIX User:...
View Articleorg.ietf.jgss.GSSException, Channel binding mismatch
I am getting this Exception when I am trying to do SPNEGO on IE8 over HTTPS. It works fine for CHROME of FIREFOX.com.wedgetail.idm.sso.ProtocolException:...
View ArticleCreate pre-auth computer object with vastool
Hi, I need to be able to create computer objects with vastool instead of being forced to log in to a windows server, run a vbs, and then drag'n'drop the object to the correct OU (OU varies alot).It...
View ArticleProblems Compiling MAV on AIX 6.1/XLC/IBMIHS 7.0.0.23
Greetings all.I am trying to compile MAV 3.6.7 on AIX 6.1/XLC/IBMIHS 7.0.0.23. I tried using the precompiled 3.6.4 module, but Apache doesn't like that. Here is the output from the configure...
View ArticleCrash when authenticating
I'm seeing the following crash during authentication:glibc detected *** /usr/java/jdk1.6.0_25/bin/java: free(): invalid pointer: 0x0000000041e33450 ***======= Backtrace:...
View ArticleUsing Cached Kerberos Ticket to Authenticate SMB Share
I am using Quest Authentication Services to integrate my Linux systems with our lab domain. I want to use the cached kerberos tickets to authenticate without providing a password when mounting an...
View ArticleREMOTE_USER value
We are trying to integrate mod_auth_vas into Blackboard for user authentication.Blackboard is a J2EE based virtual learning environment. Actually, it's a mixture of Java and Perl.It running on Apache...
View ArticleWrong ticket encryption for W2K clients only causes VSJ to fail
Hi,I am facing the following problem.The Windows service account used for Vintela SSO is set up using "Use DES encryption for this account". The keytab is created with ktpass ... -crypto DES-CBC-MD5...
View ArticleMAV and cross-forest authentication problems
Our setup is as follows:====2 Windows 2003 functional-level forests, FOO.COM and BAR.COM, that mutually (two-way) trust each other. FOO.COM <-- forest trust --> BAR.COMFurthermore, there's a...
View ArticleNTLM SMB issue - Could not get valid NTLM challenge from ........
I'm trying to debug an issue with NTLM failback, I have the filter configured correctly as per any other deployments.I'm able to authenticate users correctly using Kerberos, but I have noticed in the...
View ArticleUsing VAS Apache Module on Multiple Apache instances
Hi all, - I have a Web Server configured with 2 Apache Instances, each instance running as different user and port. - I configured the VAS module for Active Directory Authentication on both instances...
View ArticleVAS+RHEL5+NFS
Hey all -As the subject suggests, I'm trying to use VAS+RHEL5+NFS, and I'm running into an issues with rpcsvcgssd on the NFS server. It fails to start with the following error:Starting RPC svcgssd:...
View Article