Intranet/Intranet Client Configuration

WORK IN PROGRESS

Mediawiki is accessed via a web browser and so clients should not require any configuration. However, SSL certificates and Kerberos integration may need some attention at the client end for an intranet.

SSL/TLS certificates
Assuming that the wiki is using a TLS certificate that is signed by the corporate CA then the client system must also be able to trust that CA. By default (#### verify this #####) upon installation of a MS AD CA, its certificate will be distributed via Group Policy to all clients.

Kerberos
The reference build enforces Kerberos authentication on the web server and by default does not allow failing over to basic auth. This section covers how to enable Kerberos at the client.

IE
.... Group Policy ....

Firefox
.... flags, XML file (GP delivered ?) ...

Chrom{e|ium}
.... Group Policy for Windows ....

Linux

 * 1) mkdir -p /etc/opt/chrome/policies/managed


 * 1) mkdir -p /etc/chromium/policies/managed

Create a .jason file such as my_local_policy.json: