You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Falko Zurell <fa...@zurell.de> on 2006/04/25 15:24:00 UTC
Re: [users@httpd] Apache 2.2 and Active Directory
Hello *,
I finally got a working configuration for Apache 2.2.0 the
authenticate against an MS Active Directory Server via mod_authnz_ldap
Important is the directive: AuthzLDAPAuthoritative off
....
--------------------- snip ---------------------------------
LDAPSharedCacheSize 102400
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600
# LDAPTrustedGlobalCert CA_BASE64 <pfad auf CA file>
# LDAPTrustedMode SSL
# LDAPVerifyServerCert Off # mit On gehts bei mir nicht
<Location /otrs>
ErrorDocument 403 /otrs/index.pl
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
Options +ExecCGI
PerlOptions +ParseHeaders
PerlOptions +SetupEnv
AuthLDAPBindDN
CN=LDAP,OU=Unix,OU=Admins,OU=Workers,DC=ads,DC=mydomain,DC=com
AuthLDAPBindPassword viewonly
AuthLDAPURL ldap://10.1.1.14/
OU=Workers,DC=ads,DC=mydomain,DC=com?sAMAccountName?sub?
(objectClass=person)
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthType Basic
AuthName "Please authenticate"
# Require ldap-group
OU=Admins,OU=Workers,DC=ads,DC=mydomain,DC=com
# Require ldap-user
Require valid-user
</Location>
---------------------- snap --------------------------------------
kind regards
Falko
Am 24.04.2006 um 14:32 schrieb Falko Zurell:
> Hi *,
>
> here again my question:
>
> Has anyone successfully configured Apache 2.2 to authenticate
> against a MS Active Directory Server (via mod_authnz_ldap)?
>
>
> Please give a note to me.
>
> Thanks!
>
>
> ---
> F a l k o Z u r e l l
> -----------------------------------------------------
> mail: mailto:falko@zurell.de
> web: http://www.zurell.de
> gpg: http://www.zurell.de/falko.zurell-gpg-key.asc
> blog: http://www.explain-it.org/wordpress/
> icq: 327004879
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---
F a l k o Z u r e l l
-----------------------------------------------------
mail: mailto:falko@zurell.de
web: http://www.zurell.de
gpg: http://www.zurell.de/falko.zurell-gpg-key.asc
blog: http://www.explain-it.org/wordpress/
icq: 327004879
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org