Rob Tanner wrote:
> Hi,
>
> I'm having problems with LDAP authentication. What worked in Apache
> v2.0.53 does not work in Apache v2.2.4 and I assume that the difference
> is actually between mod_auth_ldap.c and mod_authnz_ldap.c. Below is an
> example of an LDAP configuration that works with the older server
> (w/mod_auth_ldap.c ):
>
> <Location /soan>
> AuthLDAPUrl ldap://biblio.linfield.edu:389/o=linfield.edu?uid
> AuthLDAPBindDN "cn=Postfix,ou=Special Users,o=linfield.edu"
> AuthLDAPBindPassword secret
> AuthName "Sociology and Anthropology"
> AuthType Basic
> DAV On
> ForceType text/plain
> <Limit GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE
> LOCK UNLOCK>
> Require group cn=webdav.soan, ou=webdav, o=linfield.edu
> </Limit>
> AllowOverride None
> </Location>
>
> What changes are necessary to use this with Apache 2.2.4 and
> mod_authnz_ldap.c?
>
> Thanks,
> Rob
>
>
>
What works for us is (I have anon bind enabled):
<Directory "/path-to-htdocs/ldap-secured">
Options FollowSymLinks
AllowOverride None
AuthName "LDAP authentication"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL "ldap://localhost:389/o=your_own_base?uid?sub?";
require valid-user
</Directory>
--
°(((=((===°°°(((===========================================
begin:vcard fn:Ricardo Stella n:Stella;Ricardo org:Rider University;Office of Information Technology adr;dom:;;2083 Lawrenceville Rd;Lawrenceville;NJ;08648 title:Assistant Director version:2.1 end:vcard
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|