|
Server Details Windows server 2003 Apache
2.2 .10 Client
certificate installed using certificate services server. I
exported the certificate and copied to c:\ldap\ldap.cer I reference the certificate in the httpd.conf file below. Objective for Intranet site Authenticate clients upon arrival of protected web pages. Authentication must be given to only members of a
particular group, the “Web” group. Authentication Method: authnz_ldap_module for Apache. Use SSL to encrypt the authentication session. Via
mod_ldap.so #LDAPTrustedClientCert c:\ldap\ldap.cer <Directory D:\web\vipintranet\data\Departments\LLUMC-Departments\Information-Services\Staff-Corner> AuthType Basic AuthName "Web" AuthBasicProvider ldap AuthLDAPBindDN Web@xxxxxxxxxxxx AuthLDAPBindPassword 1Apache* AuthLDAPURL "ldap://ActiveDirectory:389/DC=mc,DC=ad,DC=ll,DC=org?sAMAccountName?sub?(objectClass=*)" AuthLDAPURL “ldaps://ActiveDirectory:636
/DC=mc,DC=ad,DC=ll,DC=org?sAMAccountName?sub?(objectClass=*)" require ldap-attribute objectClass=user #when I use the above directive I can authenticate to
the ldap server, however other users can authenticate that should not be able
to see the content. #Require ldap-group cn=Web, ou=Web Groups, ou=Global
Security Groups, dc=mc, dc=ad, dc=ll, dc=org #When I use the directive above I cannot authenticate
at all. This is the error I receive Thu May 07 10:33:29 2009] [error] [client
192.168.0.70] File does not exist: </Directory> Thanks for your help. LDAP server: Windows server 2003 SP2 Active
Directory |
|