Hi All,
Just in case it's helpful to anybody. This is how I implemented SSO witn NTLM authentication on SLES.
I know there is a howto about it on wiki but it was missing few bits in my case.
1) Installed Apache2::AuthenNTLM module by running:
# perl -e shell -MCPAN
cpan[1]> install Apache2::AuthenNTLM
2) Edited /etc/apache2/httpd.conf and added
KeepAlive On
3) Edited /otrs Location in /etc/apache2/conf.d/otrs.conf and added
PerlAuthenHandler Apache2::AuthenNTLM
AuthType ntlm,basic
AuthName Basic
require valid-user
PerlAddVar ntdomain "DOMAIN dc1 dc2"
PerlSetVar defaultdomain DOMAIN
PerlSetVar ntlmdebug 0
where:
DOMAIN - name of our NT domain (just the first bit of the name, before the first dot)
dc1, dc2 - names of our domain controllers (just the hostname, without domain bit). Make sure you can ping those names
4) Edited Config.pm file and added
$Self->{'AuthModule'} = 'Kernel::System::Auth::HTTPBasicAuth';
$Self->{'AuthModule::HTTPBasicAuth::Replace'} = 'domain\\';
where
domain - name of our domain again
where
IP_ADDR is the IP address of my primary domain controller
6) And the final bit (that took me few hours to work out btw) is to add mod_perl to APACHE_MODULES in /etc/sysconfig/apache2
7) Restart apache and otrs
Once this is all done, I'm logged in automatically when going to OTRS login page.
The only thing is that it only works when:
- I'm using Internet Explorer and the site is in 'Local Intranet' zone
- I'm on the local company network, ie. it doesn't work over vpn so it's not perfect.
--
Kind Regards,
Robert