Kerberos on Windows8 - security

Can anyone help me to setup kerberos authentication on windows8?
1.I googled about kerberos setup in windows8, but it is hard to know,
2.Also tried with Ksetup command line tool, but there is no improvements,
Help me to setup kerberos in windows8.
Thanks in advance.

Kerberos in windows can be achieved by the windows server OS with active directory
In that server we need to create krb5.ini configuration file and users who are going to be access the service or host
Also we need to map separate principals to the appropriate user
Finally we can access those principals in any other windows system with the correct kerberos realm
Refer Configuring Windows Server 2000 Kerberos Service

Related

How to integrate servers Microsoft IIS 7 and Microsoft Active Directory (LDAP)?

I have windows server 2008 with IIS 7.
There I have some Web Based application installed.
I want to integrate that server with customer's Active Directory Server in order to users be able to access the application with their domain accounts.
I know this is beginner question, but sorry I am not an expert and didn't do anything with LDAP before.
I read here instructions for some different authentication protocols https://technet.microsoft.com/en-us/library/cc733010%28v=ws.10%29.aspx
But as I understood I should use Integrated Windows Authentication correct?
But when I open Authentication within the IIS sites (WebClient) I see only options:
Anynomymous
Basic
ASP.NET
Digest
Forms
Windows
Which option should I choose and where I populate LDAP path and the user who will have privileges to access the LDAP?
Please take into consideration that I am really beginner for this and don't have any help for this configuration.
Thank you in advance

Authentication Failure when accessing visualSVN server from linux svn client

Our VisualSVN server has "Integrated Windows Authentication" enabled, so I cannot access to it via Ubuntu/svn.
When I do this :
svn checkout http://MyRepo
I get these errors:
svn: E120191: Unable to connect to a repository at URL 'http://MyRepo'
svn: E120191: Error running context: The requested authentication type(s) are not supported.
Does anybody know a solution to this problem (other than not using Windows Authentication) ?
If you have Integrated Windows Authentication enabled, then your client computer has to be joined the Active Directory domain where VisualSVN Server resides (or at least trusted AD domain). In such case Integrated Windows Authentication will work from the Linux machine (over Kerberos or NTLM) without any problems.
For a non-domain Windows machine, it is always possible to put AD credentials to Windows Credential Manager and you could authenticate over IWA without any issues. I don't know any alternative on Linux for the tool but I guess that there has to be one.
You can enable Basic Windows Authentication in VisualSVN Server settings in addition to Integrated Windows Authentication. This way Linux-based should be able to authenticate over Basic.

kerberos authentication setup for postgresql in REDHAT environment

Our backend is running with PostgreSql in REDHAT environment.Here we need to implement a kerberos authentication.what will be the configuration changes required to perform this.
example: google. once we login to google.com we can access google+, google drive, google apps.. without again providing password.
I too need a similar setup. but my requirment is my client wants to connect through windows as front-end where RHEL is using as backend. so, i have a vague idea thats going to work out with Active Directory configuration. but guide me on how to setup kerberos using AD on RHEL.

Neo4j: Ubuntu hosted endpoint protection on Microsoft Azure

I am trying to host the neo4j server on an Azure Ubuntu VM and opened up the endpoint to enable access from my machine so that I can access the webadmin portal and also debug Asp.net portal code from my machine.
I am however unable to understand how to password protect the access to neo4j endpoint on that VM so that its not open for everyone on the net. looking for at least a simple protection like:
http://<user>:<pass>#myneo4j.cloudapp.net:7474/db/data
Is there any guide on how to setup the neo4j on the Azure cloud that I can refer to.
I found authentication-extension but unable to understand if this is all i need when setting up connection via Neo4jClient
Regards
Kiran
If you use ubuntu you can set up nginx as reverse proxy: http://joewhite86.wordpress.com/2013/05/29/secure-neo4j-webadmin-using-http-auth-and-ssl/
Once I downloaded the right version of 'authentication-extension' and put it in the plugin folder, it was exactly what i wanted,
added few users and pointed the URI to database as below :
http(s)://<user>:<pass>#myneo4j.cloudapp.net:7474/db/data.
and that's all I needed to protect my back end like old fashion SQL server ways.

Git connected to Active Directory

Objective:
Setup Git repository on Oracle Linux 6. Users connecting from Windows, Mac and Linux, using AD credentials. I would like to limit access base on AD groups. I have been searching for a way to set this up. I have seen several options that allow for fine grained access control of the repository but I haven't found anything that can use AD groups to manage access.
So the question is: Is this even possible? Can someone point me in the direction of documentation that would explain the process?
Update:
There now appear to be more options:
GitLab supports LDAP authentication
Gogs supports LDAP too
Update:
GitBlit, "an open-source, pure Java stack for managing, viewing, and serving Git repositories", supports LDAP authentication out of the box:
LDAP can be used to authenticate Users and optionally control Team memberships. When properly configured, Gitblit will delegate authentication to your LDAP server and will cache some user information in the usual users.conf file.
GitBlit also lists support for Windows authentication, but only when installed on Windows, and only tested against local accounts.
Previous answer:
If you move your Git server to Bonobo Git Server on Windows you can use Windows authentication:
Windows Authentication
This authentication is very useful when your git server sits inside the company network and your accounts and logging information could be managed via IIS. The advantage of this approach is that your users won’t have to create another account for logging to Bonobo Git Server. They will use the existing Windows account they use on the network.
Doing this from Linux is possible, but unlikely to be easy. You'll probably have to set PAM up to use either LDAP or Kerberos authentication and then do quite a lot of configuration. If you've got Windows licences I strongly recommend checking out Bonobo.

Resources