You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Saxa Egea <sa...@saxa.dyndns.org> on 2014/04/16 11:26:24 UTC
Re: [users@httpd] custom ldap conf file
Sorry.. but I'm a newbie...
As far as I understand Apache does not use "/etc/ldap/ldap.conf" or
whatever.
You specify all settings in your httpd.conf or vhost configuration like:
<Location /your_auth_required_location>
AuthType Basic
AuthName "Authentication required">
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPBindDN cn=Manager,dc=domain
AuthLDAPBindPassword <Manager_pass>
AuthLDAPURL"ldap://ldapserver.domain"
Require user username
Require ldap-group dn_of_group
</Location>
For each "sub" location... just need to specify the group or users you
allow with:
<Location /whatever>
Require user username
Require ldap-group dn_of_other_group
</Location>
Remeber users and groups are "ORed", not AND'ed.
Hope this helps you.
Tx,
Saxa
On 14/04/14 20:09, Lee Burke wrote:
>
> Question -- how to configure Apache to find a custom ldap conf file.
>
> I am using Apache 2.2.12 on Suse linux 11 patchset 2, with PHP 5.2.14.
>
> I want to create a custom ldap.conf file for use by Apache for user
> authentication via a remote system.
>
> I can't put my config info in /etc/openssl/ldap.conf or /etc/ldap.conf
> -- it's a long story.
>
> But, I could create my own /etc/openldap/apache_ldap.conf.
>
> The question is -- Where in Apache (and maybe PHP) can I tell Apache
> to look for and use the settings in my custom apache_ldap.conf ?
>
> My custom ldap conf file would include things like TLS_REQCERT, uri
> and base.
>
> *Lee Burke*
>
> Lead Systems Engineer
>
> GPDS Innovation
>
> Lee.Burke@gm.com <ma...@gm.com>
>
> C 586.359.9417
>
>
>
> Nothing in this message is intended to constitute an electronic
> signature unless a specific statement to the contrary is included in
> this message.
>
> Confidentiality Note: This message is intended only for the person or
> entity to which it is addressed. It may contain confidential and/or
> privileged material. Any review, transmission, dissemination or other
> use, or taking of any action in reliance upon this message by persons
> or entities other than the intended recipient is prohibited and may be
> unlawful. If you received this message in error, please contact the
> sender and delete it from your computer.