Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 39598 invoked from network); 14 Nov 2007 15:47:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 14 Nov 2007 15:47:55 -0000 Received: (qmail 97028 invoked by uid 500); 14 Nov 2007 15:47:33 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 97011 invoked by uid 500); 14 Nov 2007 15:47:33 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 97000 invoked by uid 99); 14 Nov 2007 15:47:33 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Nov 2007 07:47:33 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of tomhart@coopfed.org designates 70.42.55.28 as permitted sender) Received: from [70.42.55.28] (HELO smtp.atof.net) (70.42.55.28) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 14 Nov 2007 15:48:27 +0000 Received: from [192.168.1.207] ([::ffff:216.171.183.110]) (AUTH: CRAM-MD5 tomhart@coopfed.org, TLS: TLSv1/SSLv3,256bits,AES256-SHA) by smtp.atof.net with esmtp; Wed, 14 Nov 2007 10:47:14 -0500 id 00073EAB.473B1882.00001D3C Message-ID: <473B17B2.6020806@coopfed.org> Date: Wed, 14 Nov 2007 10:43:46 -0500 From: Tom Hart User-Agent: Thunderbird 2.0.0.6 (Windows/20070728) MIME-Version: 1.0 To: users@httpd.apache.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] active directory authentication Timothy Larrea wrote: > Hello, > > I'm trying to configure apache2 to use active directory authentication > so I can restrict access to pages via domain security groups, I.e. user > must be member of certain group in order to be able to view page. Hi Tim. What you're looking for is mod_authnz_ldap to auth against ad. I had to whack around a bit to get it working properly, but once I did it's been working really well. Users do have to re-authenticate (using FF, not sure about IE) but like other auth schemes it stays for the session. I would start here http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html If you have any more problems, do what we all do. Google it, then come here :-) --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org