httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Sokoll <R.Sok...@intershop.de>
Subject Re: [users@httpd] Active Directory, Apache 2.2.2, and LDAP
Date Tue, 02 May 2006 20:59:15 GMT
On Tue, May 02, 2006 at 03:38:12PM -0400, Stewart, Eric wrote:

> 	It turns out that the following set up will work - but that you
> might get bitten by what I call an "AD Bug":
> 
> <Directory "/data1/webdocs/idriver">
    [...]
> </Directory>
> 
> This will work as expected, providing:
[problems]

I cannot say much about AD and default groups (I am not a windows
admin, fortunataly) but this works fine for me (2.0.58 at this time):

LoadModule ldap_module modules/mod_ldap.so
LoadModule auth_ldap_module modules/mod_auth_ldap.so
<Location /foo/>
  AuthType Basic
  AuthLDAPEnabled on
  AuthLDAPAuthoritative on
  AuthLDAPBindDN "DOMAIN\\User"
  AuthLDAPBindPassword veryverysecret
  AuthLDAPUrl
  ldap://yourdc.your.org:389/OU=Staff,DC=your,DC=org?sAMAccountName
  require valid-user
</Location

AuthLDAPBind* is used for initial authentication, since a regular user
cannot read sAMAccountName (my windows admins told me so)

> 	Feel free to start a discussion, provide insight/commentary, or
> ignore as usual.

;-))

HTH,
Rainer

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message