|
Thanks for the reply Eric.
I agree that having 2 LDAPURLs is not the problem, because a configuration containing 2 LDAPURLs works if I replace my "require ldap-group" directives with a simple "require valid-user".
But thanks for trying.
Sent from Outlook
From: Eric Covener <covener@xxxxxxxxx>
Sent: Wednesday, July 5, 2017 12:20 PM To: users@xxxxxxxxxxxxxxxx Subject: Re: Apache configuration for multi-domain, multi-group access On Wed, Jul 5, 2017 at 3:18 PM, Eric Covener <covener@xxxxxxxxx> wrote:
> On Wed, Jul 5, 2017 at 3:04 PM, Un Spammable <unspammable@xxxxxxxxxxx> wrote: >> I've looked at many other discussions of similar configurations, and tried >> many suggestions I found there, but they have not helped. However I have not >> found any samples that use multiple ldap-groups located in different >> domains. > > I don't have a solution, but I see in my notes that I once wrote that > you couldn't use two AuthLDAPURL's in 1 section even when you hide > them behind <AuthNProviderAlias> > > The reason is likely that the LDAP server details are owned by > mod_ldap config, but AuthNProviderAlias only creates a custom config > for the actual authentication provider, mod_authnz_ldap. Ignore this, totally wrong. I think what I am misremembering is that if you do this for authentication, it won't still be present for authorization (require) -- Eric Covener covener@xxxxxxxxx --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx |
|