Difference between revisions of "Active Directory authentication in httpd.conf"
From MyWiki
(4 intermediate revisions by the same user not shown) | |||
Line 3: | Line 3: | ||
<source lang="text"> | <source lang="text"> | ||
− | |||
− | |||
− | <Location /protected> | + | <Location /protected> ( I used Directory with full file system path ) |
# Using this to bind | # Using this to bind | ||
− | AuthLDAPBindDN "CN=John Doe,OU=IT Department,OU=Germany,DC=example,DC=com" | + | AuthLDAPBindDN "CN=John Doe,OU=IT Department,OU=Germany,DC=example,DC=com" ( I used blah009@camping.com) |
AuthLDAPBindPassword "XXX" | AuthLDAPBindPassword "XXX" | ||
# search user | # search user | ||
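Review bot: The notes appended to the `<Location /protected>` and `AuthLDAPBindDN` lines on the right-hand side sit inside the `<source>` block as if they were part of the directives. httpd only treats a line as a comment when `#` is its first non-blank character and does not allow a comment on the same line as a directive, so anyone who copies this block gets a configuration that will not parse. Move each note to its own `#` line above the directive it annotates, for example `# I used blah009@camping.com as the bind account` before `AuthLDAPBindDN`, and say in the `<Location>` note whether the whole container was swapped for `<Directory /full/path>`, since that changes which requests the block protects.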
Line 17: | Line 15: | ||
AuthBasicProvider ldap | AuthBasicProvider ldap | ||
# Important, otherwise "(9)Bad file descriptor: Could not open password file: (null)" | # Important, otherwise "(9)Bad file descriptor: Could not open password file: (null)" | ||
− | AuthUserFile /dev/null | + | AuthUserFile /dev/null <------------ this is needed |
require valid-user | require valid-user | ||
</Location> | </Location> | ||
− | |||
− | |||
AuthLDAPURL "ldap://IP-DOMAIN-CONTROLLER/ou=Germany,dc=example,dc=com?Vmail?sub?(objectClass=*)" | AuthLDAPURL "ldap://IP-DOMAIN-CONTROLLER/ou=Germany,dc=example,dc=com?Vmail?sub?(objectClass=*)" | ||
− | |||
− | + | ||
+ | |||
Specific Users, Groups | Specific Users, Groups | ||
# specific user | # specific user | ||
− | # Require ldap-user "john.doe" | + | # Require ldap-user "john.doe" ( this worked for me ) |
# specific user by DN | # specific user by DN | ||
− | # Require ldap-dn CN=John Doe,OU=Finance,OU=Germany,DC=example,DC=com | + | # Require ldap-dn CN=John Doe,OU=Finance,OU=Germany,DC=example,DC=com ( this didnt work for me ) |
# member of group | # member of group | ||
− | # Require ldap-group CN=Finance Department,OU=Finance,OU=Germany,DC=example,DC=com | + | # Require ldap-group CN=Finance Department,OU=Finance,OU=Germany,DC=example,DC=com ( I didn't try this ) |
</source> | </source> |
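Review bot: With the blank lines around it removed, the second `AuthLDAPURL` (the one with the `Vmail` attribute) now follows `</Location>` directly and reads as a live directive outside any container, with nothing saying it is an alternative to the URL inside the block. Put a `#` line above it that explains when to use it, or keep it commented out inside the container next to the other URL. The `<------------ this is needed` text after `AuthUserFile /dev/null` has the same same-line-comment problem as the earlier notes and repeats what the `# Important, otherwise ...` line above it already says, so it can be dropped. Small typo in the `ldap-dn` note: "didnt" should be "didn't".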
Latest revision as of 13:18, 21 March 2016
Reference - http://www.held-im-ruhestand.de/software/apache-ldap-active-directory-authentication.html
<source lang="text">
# ( I used Directory with full file system path )
<Location /protected>
    # Using this to bind
    # ( I used blah009@camping.com )
    AuthLDAPBindDN "CN=John Doe,OU=IT Department,OU=Germany,DC=example,DC=com"
    AuthLDAPBindPassword "XXX"
    # search user
    AuthLDAPURL "ldap://IP-DOMAIN-CONTROLLER/ou=Germany,dc=example,dc=com?sAMAccountName?sub?(objectClass=*)"
    AuthType Basic
    AuthName "USE YOUR WINDOWS ACCOUNT"
    AuthBasicProvider ldap
    # Important, otherwise "(9)Bad file descriptor: Could not open password file: (null)"
    # ( this is needed )
    AuthUserFile /dev/null
    require valid-user
</Location>

AuthLDAPURL "ldap://IP-DOMAIN-CONTROLLER/ou=Germany,dc=example,dc=com?Vmail?sub?(objectClass=*)"

# Specific Users, Groups
# specific user
# Require ldap-user "john.doe" ( this worked for me )
# specific user by DN
# Require ldap-dn CN=John Doe,OU=Finance,OU=Germany,DC=example,DC=com ( this didn't work for me )
# member of group
# Require ldap-group CN=Finance Department,OU=Finance,OU=Germany,DC=example,DC=com ( I didn't try this )
</source>