ldap in symfony (gentoo vm)

**midway** · 10-01-2012

Hello,
Ok, I am a new user to symfony (day 1).
Our symfony (set-up by my predecessor) which runs our intranet webserver doesnt authenticate ldap users since last week. It doesn't throw any error etc., just doesn't log me/users in
pls help.

also ask for any information and I would try my best to provide.

many thanks in advance.
os - gentoo 2.6.28
php - 5.3.15

**midway** · 10-02-2012

ok, i gave-up on the idea of symfony plugin now. i am looking towards samba (where i should have looked in the first instance).

Code:

# cat /etc/krb5.conf 
[logging] 
 default = FILE:/var/log/krb5libs.log 
 kdc = FILE:/var/log/krb5kdc.log 
 admin_server = FILE:/var/log/kadmind.log 

[libdefaults] 
 default_realm = abc.com 
 dns_lookup_realm = false 
 dns_lookup_kdc = false 

[realms] 
 abc.com = { 
  kdc = d.abc.com:88 
  admin_server = d.abc.com:749 
  default_domain = abc.com 
 } 

[domain_realm] 
 .abc.com = abc.com 
  abc.com = abc.com 

[kdc] 
 profile = /var/kerberos/krb5kdc/kdc.conf 

[appdefaults] 
 pam = { 
   debug = false 
   ticket_lifetime = 36000 
   renew_lifetime = 36000 
   forwardable = true 
   krb4_convert = false 
 } 


smb.conf
[global] 
workgroup = abc 
netbios name = e 
server string = Samba Server %v 
local master = no 
preferred master = no 
domain logons = no 
wins server = 193.63.xx.xx 
wins proxy = no 
winbind enum users = Yes 
winbind enum groups = Yes 
winbind use default domain = Yes 
winbind nested groups = Yes 
winbind separator = + 
os level = 20 
max log size = 50 
encrypt passwords = yes 
dns proxy = no 
password server = * 
security = ADS 
realm = abc.com 
username map = /etc/samba/smbusers 
socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 IPTOS_LOWDELAY 
add user script = /usr/sbin/useradd -m %u 
valid users = midway 

[homes] 
comment = Home Directories 
browseable = yes 
writable = yes 
case sensitive = no 

[intranet] 
comment = intranet 
writable = yes 
path = /home/intranet 
force user = intranet 
force group = intranet 
valid users = midway 



# net ads testjoin 
[2012/10/02 16:34:32.540348,  0] libads/kerberos.c:333(ads_kinit_password) 
  kerberos_kinit_password e$@abc.com failed: Preauthentication failed 

# net ads status 
Enter root's password: 
[2012/10/02 16:17:41.367505,  0] libads/kerberos.c:333(ads_kinit_password) 
  kerberos_kinit_password root@abc.com failed: Client not found in Kerberos database

**midway** · 10-03-2012

ok, solved it.
a very simple fix that is rejoining the domain did the trick.

Code:

net ads join -U admin 
password: 
NT_STATUS_OK: Success (0x0) 

ntlm_auth --username="midway" --domain="abc" --require-membership-of="abc\adgroup" 
password: 
NT_STATUS_OK: Success (0x0)

Thread Tools

Display

ldap in symfony (gentoo vm)

Posting Permissions