Ridiculously simple NTLM Authentication for Apache (Ubuntu)
Posted on March 9, 2010
We all know Ubuntu makes things amazingly simple. This is the best I've found so far. NTLM authentication in Apache used to take a while to setup, it used to be tricky, fiddly - generally a bit hit and miss.
Now, in Ubuntu all we need to do is install libapache2-authenntlm-perl
- apt-get install libapache2-authenntlm-perl
Done.
Now just edit your apt-get'ed Apache installation and modify your Directory options
- nano /etc/apache2/sites-enabled/000-default
apac
- <Directory />
- Options FollowSymLinks
- AllowOverride None
-
- PerlAuthenHandler Apache2::AuthenNTLM
- AuthType ntlm
- AuthName "Hill Hire plc"
- require valid-user
- PerlAddVar ntdomain "!!DOMAIN NAME!! !!LOGON SERVER!!"
- PerlSetVar defaultdomain !!DOMAIN NAME!!
- PerlSetVar ntlmsemtimeout 2
- PerlSetVar ntlmdebug 1
- PerlSetVar splitdomainprefix 1
-
- </Directory>
Restart apache and your on tea isn't even cool enough to drink yet.
Related posts
- NTLM Authentication on Ubuntu and Apache2 Revisited
It's been a while since I've had to build an NTLM integrated Apache2 server. So... - NTLM Authentication for apt-get’ed Ubuntu
Following on from NTLM Authentication on Ubuntu and Apache2 Revisited this morning, this is how... - NTLM Authentication (Active Directory) on Apache (Linux)
Here is a quick guide to enabling NTLM authentication for Apache 2. I generally use... - Super simple Active Directory with Samba
I needed a super simple, straight forward way of installing samba on Ubuntu and joining... - Simple install of memcached on Ubuntu
Memcached is a free, high performance distributed memory object caching system. In English, it can...
April 21st, 2010 - 11:58
It works fine, but I always get the following error in the log:
[error] Bad/Missing NTLM/Basic Authorization Header for /test.php
How to get rid of it?
February 28th, 2011 - 17:17
Cool but it doesn’t work ^^ [error] Wrong password/user (rc=3/1/327681) cool
March 21st, 2011 - 17:28
not sure why I’m getting this message, even apt-get reported libapache2-authenntlm-perl is installed and current.
Invalid command ‘PerlAuthenHandler’, perhaps misspelled or defined by a module not included in the server configuration
Action ‘start’ failed.
March 30th, 2011 - 14:44
Endre, mine is ok too, but with that error message. Looking on the web I saw this:
“I have the same error messages in logs while NTLM auth works just OK. I poke to the code an it seems like just a debug message that gets logged as an error by Apache (while it’s not an error). The idea is that the first request coming from a HTTP-client is surely lacking NTLM/basic auth header, then the actual auth’n takes place and then all subsequent requests go with the right header.”
http://objectmix.com/apache/691280-apache2-authenntlm-mod_perl-2-0-2-apache-2-2-2-problems-2.html
So, I think we just ignore the error?
May 25th, 2011 - 02:13
Hi there, I get: “[Wed May 25 11:13:25 2011] [error] Connect to SMB Server failed (pdc = ndc01dc.nextdc.local bdc = domain = nextdc.local error = -11/0) for /”
Is there any requirement at the ad end? I have tried a heap of ways to do this and they all have failed…
Any help/ideas would be appreciated.
August 28th, 2011 - 21:08
Graham Ernst: as pdc enter ndc01dc (without domain)