Weird conn test ping output
list Josh Luthman
Today I have a conn test that is saying this: x.x.105.219 is alive (54.7 ms) [<- x.x.98.226] The history has always said this: x.x.105.XXX What's with the square bracket IP??? Josh Luthman Office: XXX-XXX-XXXX Direct: XXX-XXX-XXXX XXXX Wayne St Suite XXXX Troy, OH XXXXX Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer
list Vernon Everett
Hi all
I was asked this morning if we can authenticate Hobbit users against our
company LDAP or NIS.
We have multiple hobbit "administrators" and it would be good to keep
track of who acknowledged or updated issues, but maintaining the
passwords manually will be a pain.
Has anybody done this before?
If so, how?
Regards
Vernon
NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments.
list Josh Luthman
This is Apache's job. It can be done. http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html http://www.math.tu-clausthal.de/~matsa/linux/apache-nis/
▸
Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX
Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer
On Tue, Jul 22, 2008 at 9:53 PM, Everett, Vernon <
▸
user-9da1a1882f49@xymon.invalid> wrote:
Hi all
I was asked this morning if we can authenticate Hobbit users against our
company LDAP or NIS.
We have multiple hobbit "administrators" and it would be good to keep track
of who acknowledged or updated issues, but maintaining the passwords
manually will be a pain.
Has anybody done this before?
If so, how?
Regards
Vernon
NOTICE: This email and any attachments are confidential.
They may contain legally privileged information or
copyright material. You must not read, copy, use or
disclose them without authorisation. If you are not an
intended recipient, please contact us at once by return
email and then delete both messages and all attachments.
list Vernon Everett
And authentication to AD is also Apache's job, I presume?
I am seeing a pattern evolving here :-)
Thanks
Vernon
▸
From: Josh Luthman [mailto:user-4c45a83f15cb@xymon.invalid] Sent: Wednesday, 23 July 2008 1:42 PM To: user-ae9b8668bcde@xymon.invalid Subject: Re: [hobbit] Hobbit Authentication with LDAP or NIS This is Apache's job. It can be done. http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html http://www.math.tu-clausthal.de/~matsa/linux/apache-nis/ Josh Luthman Office: XXX-XXX-XXXX Direct: XXX-XXX-XXXX XXXX Wayne St Suite XXXX Troy, OH XXXXX Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Tue, Jul 22, 2008 at 9:53 PM, Everett, Vernon <user-9da1a1882f49@xymon.invalid> wrote: Hi all I was asked this morning if we can authenticate Hobbit users against our company LDAP or NIS. We have multiple hobbit "administrators" and it would be good to keep track of who acknowledged or updated issues, but maintaining the passwords manually will be a pain. Has anybody done this before? If so, how? Regards Vernon NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments. NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments.
list Omar Hermannsson
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Assuming you are using apache as your webserver then yes, it will handle authentication to Active Directory. You can go with plain LDAP authentication which is easier to setup or if you want single-sign-on then you go with kerberos authentication. I'd say go with LDAP to begin with, you'll be up and running in no time. There are a lot of howtos out there on the matter. Cheers, Omar
▸
On mið 23.júl 2008 07:45, Everett, Vernon wrote:And authentication to AD is also Apache's job, I presume?
I am seeing a pattern evolving here :-)
Thanks
Vernon
*From:* Josh Luthman [mailto:user-4c45a83f15cb@xymon.invalid]
*Sent:* Wednesday, 23 July 2008 1:42 PM
*To:* user-ae9b8668bcde@xymon.invalid
*Subject:* Re: [hobbit] Hobbit Authentication with LDAP or NIS
This is Apache's job. It can be done.
http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html
http://www.math.tu-clausthal.de/~matsa/linux/apache-nis/
Josh Luthman
Office: XXX-XXX-XXXX
Direct: XXX-XXX-XXXX
XXXX Wayne St
Suite XXXX
Troy, OH XXXXX
Those who don't understand UNIX are condemned to reinvent it, poorly.
--- Henry Spencer
On Tue, Jul 22, 2008 at 9:53 PM, Everett, Vernon
<user-9da1a1882f49@xymon.invalid <mailto:user-9da1a1882f49@xymon.invalid>>
▸
wrote:
Hi all
I was asked this morning if we can authenticate Hobbit users against
our company LDAP or NIS.
We have multiple hobbit "administrators" and it would be good to
keep track of who acknowledged or updated issues, but maintaining
the passwords manually will be a pain.
Has anybody done this before?
If so, how?
Regards
Vernon
NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments.
NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments.-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIhvrtO5lNk+Yy9cgRApvbAJ9andZb/kQRb26v8BON/6/mOQaUTACgtiy0 TeCk2eCsL7g/HmA7c+2VzCg= =j3Rd -----END PGP SIGNATURE-----
list Stewart L
I've actually got our Hobbit authing against AD by using LDAP. Works very well. mod_authnz_ldap is the way to go. I can send you a sanitized hobbit.conf if you like to show how we did it... I've done it on RHEL3 using Apache::AuthNetLDAP and RHEL5 using mod_authz_ldap Stewart On Wed, Jul 23, 2008 at 3:45 AM, Everett, Vernon <
▸
user-9da1a1882f49@xymon.invalid> wrote:
And authentication to AD is also Apache's job, I presume?
I am seeing a pattern evolving here :-)
Thanks
Vernon
*From:* Josh Luthman [mailto:user-4c45a83f15cb@xymon.invalid]
*Sent:* Wednesday, 23 July 2008 1:42 PM
*To:* user-ae9b8668bcde@xymon.invalid
*Subject:* Re: [hobbit] Hobbit Authentication with LDAP or NIS
This is Apache's job. It can be done.
http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.htmlhttp://www.math.tu-clausthal.de/~matsa/linux/apache-nis/<http://www.math.tu-clausthal.de/%7Ematsa/linux/apache-nis/>;
▸
Josh Luthman Office: XXX-XXX-XXXX Direct: XXX-XXX-XXXX XXXX Wayne St Suite XXXX Troy, OH XXXXX Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Tue, Jul 22, 2008 at 9:53 PM, Everett, Vernon < user-9da1a1882f49@xymon.invalid> wrote:Hi all I was asked this morning if we can authenticate Hobbit users against our company LDAP or NIS. We have multiple hobbit "administrators" and it would be good to keep track of who acknowledged or updated issues, but maintaining the passwords manually will be a pain. Has anybody done this before? If so, how? Regards Vernon NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments.NOTICE: This email and any attachments are confidential. They may contain legally privileged information or copyright material. You must not read, copy, use or disclose them without authorisation. If you are not an intended recipient, please contact us at once by return email and then delete both messages and all attachments.
--
Stewart
--
You only lose what you cling to.
list Steve Holmes
▸
On Wed, Jul 23, 2008 at 6:45 AM, Stewart L <user-a046134cfd06@xymon.invalid> wrote:
I've actually got our Hobbit authing against AD by using LDAP. Works very well. mod_authnz_ldap is the way to go. I can send you a sanitized hobbit.conf if you like to show how we did it... I've done it on RHEL3 using Apache::AuthNetLDAP and RHEL5 using mod_authz_ldap Stewart On Wed, Jul 23, 2008 at 3:45 AM, Everett, Vernon < user-9da1a1882f49@xymon.invalid> wrote:And authentication to AD is also Apache's job, I presume? I am seeing a pattern evolving here :-) Thanks Vernon *From:* Josh Luthman [mailto:user-4c45a83f15cb@xymon.invalid] *Sent:* Wednesday, 23 July 2008 1:42 PM *To:* user-ae9b8668bcde@xymon.invalid *Subject:* Re: [hobbit] Hobbit Authentication with LDAP or NIS This is Apache's job. It can be done. http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html http://www.math.tu-clausthal.de/~matsa/linux/apache-nis/<http://www.math.tu-clausthal.de/%7Ematsa/linux/apache-nis/>; Josh Luthman Office: XXX-XXX-XXXX Direct: XXX-XXX-XXXX XXXX Wayne St Suite XXXX Troy, OH XXXXX Those who don't understand UNIX are condemned to reinvent it, poorly. --- Henry Spencer On Tue, Jul 22, 2008 at 9:53 PM, Everett, Vernon < user-9da1a1882f49@xymon.invalid> wrote:Hi all I was asked this morning if we can authenticate Hobbit users against our company LDAP or NIS. We have multiple hobbit "administrators" and it would be good to keep track of who acknowledged or updated issues, but maintaining the passwords manually will be a pain. Has anybody done this before? If so, how? Regards Vernon --
Stewart --
We use pubcookie. Works very well if you have real (not self-signed) certificates. See pubcookie.org.Steve. --