2 Replies Latest reply on Jul 7, 2015 2:29 PM by Isaac Matta

    Unable to get Domain Authentication working.

      Morning all,

       

      I am getting the following error when trying to login into the configuration manager using Domain Authentication:

      [13 Sep 2010 10:26:47,741] [main] [INFO] [::] [] Accepting requests...
      [13 Sep 2010 10:26:47,741] [main] [INFO] [::] [] Ready.
      [13 Sep 2010 10:27:08,174] [Authentication-Service-Thread-0] [WARN] [::10.201.64.195] [Appserver] Cannot find an entry for com.bladelogic.auth.service.ADKerberosPasswordLogin in the JAAS login configuration file (/opt/nsh/br/blappserv_login.conf).
      [13 Sep 2010 10:27:08,177] [Authentication-Service-Thread-0] [INFO] [username@TELSTRACLEAR.TCLAD::10.201.64.195] [Appserver] user authentication failed: bmcquil@TELSTRACLEAR.TCLAD
      [13 Sep 2010 10:27:08,177] [Authentication-Service-Thread-0] [INFO] [username@TELSTRACLEAR.TCLAD::10.201.64.195] [Appserver] Authentication Connection closed

       

      Any help would be greatly appreciated.

       

      My configuration is:

      [AuthServer]
      AuthSvcKrb5Config:blappserv_krb5.conf
      AuthSvcKrb5LoginConfig:blappserv_login.conf
      AuthSvcPort:9840
      AuthSvcSocketTimeout:75
      AuthSvcSocketsBindAddress:all
      IsADKAuthEnabled:false
      IsDomainAuthEnabled:true
      IsSRPAuthEnabled:true
      IsSSOCredRefreshEnabled:true
      IsSecurIdAuthEnabled:
      IsSsoRefreshHostnameCheckEnabled:
      MaxAuthSvcContexts:20
      MaxAuthSvcThreads:3

       

      # cat blappserv_krb5.conf blappserv_login.conf
      [libdefaults]
              ticket_lifetime = 6000
              default_realm = TELSTRACLEAR.TCLAD
              default_tkt_enctypes = des-cbc-md5
              default_tgs_enctypes = des-cbc-md5
      [realms]
      TELSTRACLEAR.TCLAD = {
      kdc = wlgwpadccor01.telstraclear.tclad:88
      kdc = takadc01.telstraclear.tclad:88
      kdc = tdsadc01.telstraclear.tclad:88
      kdc = aklwpadccor01.telstraclear.tclad:88
      }
      [domain_realms]
      .telstraclear.tclad = TELSTRACLEAR.TCLAD
      .clear.co.nz = TELSTRACLEAR.TCLAD

       

      # cat blappserv_login.conf

      com.sun.security.jgss.accept {
      com.sun.security.auth.module.Krb5LoginModule required
      useKeyTab=true
      keyTab="/opt/nsh/br/blauthsvc.keytab"
      storeKey=true
      principal="blauthsvc/TCLBladelogic@TELSTRACLEAR.TCLAD"
      doNotPrompt=true
      debug=true;
      };

       

       

      Thanks

       

      Barry