EDIT I don't actually see the 500 error in the apache2 error log. I switched moodle's configuration to try NTLM authentication in all browsers, rather than just in IE and the server 500 error no longer appears. I just need to find out what the issue with the failed authentication is.
I am running Ubuntu 14.04 with Apache 2.4 and MOODLE 2.6.2, trying to get SSO to work with our Windows domain. I have added the following to the apache2.conf:
<IfModule !mod_auth_ntlm_winbind.c>
LoadModule auth_ntlm_winbind_module /usr/lib/apache2/modules/mod_auth_ntlm_winbind.so
</IfModule>
<Directory "/var/www/moodle/auth/ldap/">
<Files ntlmsso_magic.php>
NTLMAuth on
AuthType NTLM
AuthName "Moodle NTLM Authentication"
NTLMAuthHelper "/usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp"
NTLMBasicAuthoritative on
require valid-user
</Files>
</Directory>
I also have NTLM turned on in MOODLE, and winbind is installed and working since wbinfo -u and wbinfo -g both return proof that they have bound accounts and groups from the domain controller.
smb.conf has been altered to add the following:
[global]
security = ads
realm = mydomain.local
password server = server.mydomain.local
workgroup = mydomain
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
template homedir = /home/%D/%U
template shell = /bin/bash
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = yes
winbind use default domain = yes
restrict anonymous = 2
When I try to test SSO and log in, I get the message Auto-login failed, try the normal login window...
I'm not quite sure which logs to check, as the only evidence I can find in any logs is that there is a 500 internal server error being thrown.
