Hi, For our site, we want to start using LDAP for authenticating users to our website. I'm running some tests, but run into a problem when I want to start giving access by groups. I've added the following to the httpd.conf : # LDAP Authentication <Directory /var/httpd/test> AuthName "Login" AuthType Basic AuthLDAPURL ldap://ldapx.snow.nl/ou=people,dc=snow,dc=nl?uid AuthLDAPGroupAttribute somegroup require valid-user </Directory> I have a testuser in LDAP, who is a member of the group "techniek" When the deirective "AuthLDAPGroupAttribute" has the attribute "techniek", the user can access the testdirectory. But when I change the attribute to another (existing) group in LDAP, from which the testuser is no member, I still can access the page as that testuser. But I would expect that I would not gain access to the page if the group is no corresponding with the group the user belongs to ? best regards, Andy Kannberg The Netherlands. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|