Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 44612 invoked from network); 2 Mar 2009 14:43:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 2 Mar 2009 14:43:29 -0000 Received: (qmail 56985 invoked by uid 500); 2 Mar 2009 14:43:18 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 56966 invoked by uid 500); 2 Mar 2009 14:43:17 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 56957 invoked by uid 99); 2 Mar 2009 14:43:17 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 02 Mar 2009 06:43:17 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [134.68.171.23] (HELO mhw.ulib.iupui.edu) (134.68.171.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 02 Mar 2009 14:43:10 +0000 Received: from mwood by mhw.ulib.iupui.edu with local (Exim 4.69) (envelope-from ) id 1Le9Lz-00059Y-OC for users@httpd.apache.org; Mon, 02 Mar 2009 09:42:47 -0500 Date: Mon, 2 Mar 2009 09:42:47 -0500 From: "Mark H. Wood" To: users@httpd.apache.org Message-ID: <20090302144247.GC16868@IUPUI.Edu> References: <49A6AC60.3080601@walterisookeensufferukker.nl> <9E085D377965634187A85638358AE61179291B7C@DCXPRCL017.cnf.prod.cnf.com> <49A6E049.3050308@walterisookeensufferukker.nl> <20090226184248.GM2834@wssp.cc.univie.ac.at> <49A7A5D9.5060907@ofd-sth.niedersachsen.de> <49A7F976.6040003@ofd-sth.niedersachsen.de> <49A7FC86.9060608@ice-sa.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="xo44VMWPx7vlQ2+2" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.16 (2007-06-09) X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] Re: Confused about LDAP authentication with Active Directory --xo44VMWPx7vlQ2+2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable I've forgotten whether there was some special complicating factor in the original request. This works here with 2.2.10: AuthType Basic AuthBasicProvider ldap AuthName "ADS" AuthBasicAuthoritative On AuthLDAPURL "ldap://domain controller list/ou=3DAccounts,dc=3Dads,dc=3Diu,= dc=3Dedu?CN?one" STARTTLS AuthLDAPBindDN "CN=3Dinitial bind user,OU=3DIN-ULib,OU=3DAccounts,DC=3Dads= ,DC=3Diu,DC=3Dedu" AuthLDAPBindPassword "secret password here" AuthzLDAPAuthoritative Off AuthLDAPGroupAttribute member Require ldap-group cn=3DIN-ULib-Admins,ou=3DIN-ADMINS,ou=3DIN,dc=3DADS,dc= =3DIU,dc=3DEdu I'm sure that some of that is debris from trying various things to make it work, which I'm now scared to touch. :-/ Adjust the Require directive, "domain controller list", "initial bind user", "secret password here" and various DNs as needed. --=20 Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu Friends don't let friends publish revisable-form documents. --xo44VMWPx7vlQ2+2 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkmr8GcACgkQs/NR4JuTKG/HswCfWt4o9evI/jqh+ACIjANNq4pc 3i8AoJDMtmxp1fzGDkivIUQhiKGmMTce =HmxU -----END PGP SIGNATURE----- --xo44VMWPx7vlQ2+2--