-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinc.config.php
97 lines (79 loc) · 2.82 KB
/
inc.config.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
<?php
define('DB_RW_HOST', 'localhost');
define('DB_USER', 'wscouser');
define('DB_PASSWD', '');
define('DB_NAME', 'websco');
define('DB_CPAGE', 'utf8');
define('DB_PREFIX', 'w_');
/*
USE_GSSAPI required for create keytab file.
ktpass -princ <HTTP/[email protected]> -mapuser <svc_websco> -crypto ALL -ptype KRB5_NT_PRINCIPAL -pass <password> -target dc.contoso.com -out c:\temp\websco.keytab
configure krb5.conf:
[libdefaults]
default_realm = CONTOSO.COM
default_client_keytab_name = FILE:/etc/kerberos/websco.keytab
default_ccache_name = FILE:/tmp/krb5cc_%{uid}
#default_keytab_name = FILE:/etc/kerberos/websco.keytab
[realms]
CONTOSO.COM = {
kdc = 10.0.0.1
kdc = 10.0.0.2
kdc = 10.0.0.3
kdc = 10.0.0.4
admin_server = 10.0.0.1
}
[domain_realm]
.contoso.com = CONTOSO.COM
contoso.com = CONTOSO.COM
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmin.log
default = FILE:/var/log/krb5/krb5lib.log
check:
kinit -V -ki -S HTTP/websco.contoso.com
klist
ktinit -ki
kinit -S HTTP/websco.contoso.com -p <any_user>@CONTOSO.COM
klist
check KVNO version:
klist -k /etc/kerberos/websco.keytab
Get-ADUser svc_websco -Property msDS-KeyVersionNumber
Clearing Kerberos authorization tickets after adding a WebSCO service account to an AD group or updating a keytab:
Linux:
kdestroy -A
kdestroy -A -c /tmp/krb5cc_<user_id>
Windows:
klist purge
*/
define('USE_GSSAPI', TRUE);
define('USE_LDAP', TRUE);
define('LDAP_CERT_IGNORE', FALSE);
define('LDAP_URI', 'ldap://contoso-dc-01 ldap://contoso-dc-02');
define('LDAP_USER', 'domain\\websco');
define('LDAP_PASSWD', '');
define('LDAP_BASE_DN', 'DC=contoso,DC=local');
define('LDAP_USE_SID', TRUE);
define('APP_LANGUAGE', 'en');
//define('LDAP_ADMIN_GROUP_DN', 'CN=WEBSCO-Administrators,OU=Administrators,OU=DC=contoso,DC=local');
define('MAIL_HOST', 'smtp.contoso.com');
define('MAIL_FROM', '[email protected]');
define('MAIL_FROM_NAME', 'WebSCO');
define('MAIL_AUTH', TRUE);
define('MAIL_LOGIN', '');
define('MAIL_PASSWD', '');
define('MAIL_SECURE', '');
define('MAIL_PORT', 25);
define('MAIL_TO_ADMIN', '[email protected]');
define('MAIL_VERIFY_PEER', TRUE);
define('MAIL_VERIFY_PEER_NAME', TRUE);
define('MAIL_ALLOW_SELF_SIGNED', FALSE);
//define('ORCHESTRATOR_VERSION', 2022);
define('ORCHESTRATOR_URL', 'http://srv-scor-01.contoso.com:81/Orchestrator2012/Orchestrator.svc');
define('ORCHESTRATOR_USER', 'domain\\websco');
define('ORCHESTRATOR_PASSWD', '');
define('USE_MEMCACHED', TRUE);
define('WEB_URL', 'https://websco.contoso.com/websco/');
define('WEB_LINK_BASE_PATH', '/websco/');
define('USE_PRETTY_LINKS', FALSE);
define('USE_PRETTY_LINKS_FORCE', FALSE);
define('LOG_FILE', '/var/log/websco/websco.log');