For apache, to enforce group member restriction follow below syntax. AuthLDAPURL ldap://ldap.airius.com/o=Airius?uid Require group cn=Administrators, o=Airius Yours should be: ldap://10.209.22.65:389/ou=People?uid Require group cn=IT, ou=shared,ou=people,dc=ldapser,dc=com More examples and explanation here: http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html -- Thanks, Prashanth
