I have an Comprehensive Question about SSO in Relation to LDAP
Is it possible with LDAP to get Access on an sso client with an Computer in
a Network ( e.g RT) by start the Computer with an network windows logon
Or i have to do this with ntlm?
You can use Kerberos to do this. From memory, you need to make sure that DNS
is working perfectly (including reverse lookups), and you will need to ensure
that the browser is prepared to use Kerberos to authenticate against your RT
server. For IE, this means designating the RT server as part of the
"Intranet" zone; for Firefox you can use about:config and add the RT server to
On the server side, you want something like this in .htaccess:
AuthName "Kerberos Login"
and you’ll need to populate the keytab file with the appropriate keys.
That will get you as far as having Windows transparently authenticate to the
web server, which will expose the user name to RT via the REMOTE_USER
environment variable. You should then be able to add
to your RT_SiteConfig.pm file to instruct RT to trust this authentication.
Hope that helps.