Anyone has an apache running with mod_auth_kerb AND mod_auth_ldap?

Michael B Allen mba2000 at
Thu Oct 5 11:09:12 EDT 2006

On Thu, 5 Oct 2006 08:03:51 +0200
"Djihangiroff, Matthias (KC-DD)" <Matthias.Djihangiroff at> wrote:

> Hello,
> Anyone out there whos running an Apache with mod_auth_kerb and
> mod_auth_ldap?
> Im running an Apache with mod_auth_kerb perfectly.
> But we have users, which arent in our Windows AD, so they cant load the
> websites protected through mod_auth_kerb.
> Is it possible to fall back to mod_auth_ldap, so they can manualy type
> in their login? (The Apache than check the user against the LDAP).

I don't know the answer to this (my understanding is that trying to
stack mod_auth_* modules together is not practical) but I just want to
point out that you can use krb5_get_init_creds_password to do Basic so
there's no reason to use LDAP at all. In fact using LDAP as a make-shift
authentication service is crude and insecure. Wether or not mod_auth_kerb
can do it I have no idea.


Michael B Allen
PHP Active Directory SSO

More information about the Kerberos mailing list