awesome, if we are open tomorrow (snow storm coming) I shall have to
try this... I have a couple of embedded questions to help me
understand it, see comments below! thanks...
my comment/questions are _below_ the item they are related to:
On Thu, 20 Jan 2005 14:15:21 -0800 (PST), lee@xxxxxxxxxxxxx
<lee@xxxxxxxxxxxxx> wrote:
> I have mod_authz_ldap working ok. Here's a .htaccess file:
>
> AuthName "Authorized Access Only"
> AuthType Basic
> AuthzLDAPEngine on
> AuthzLDAPServer "serverip:389"
> AuthzLDAPBindDN ldap_lookup@xxxxxxxxxx
Does AuthzLDAPBindDN need to be the full ADS username@xxxxxxxxxx?
> AuthzLDAPBindPassword Ldap_Lookup_password
> AuthzLDAPUserKey sAMAccountName
So this is where this goes... not blah blah...
DC=com?sAMAccountName?sub?(objectClass=user)
> AuthzLDAPUserBase dc=domain,dc=com
With this user base, this will go set it to look at the top of the ADS
schema? For example, I have an OU = MyCity in case we ever expanded to
another city I could have another OU for those users.
> AuthzLDAPUserScope subtree
and this tells it to search all subordinate OU's in the tree?
> AuthzLDAPSetAuthorization off
What is AuthzLDAPSetAuthorization off for?
> require group CN=GroupName,CN=Users,DC=domain,DC=com
I can still use "require valid-user" here right?
require valid-user OU=MyCity,DC=domain,DC=com ??
Thanks for fielding my questions!! :)
David McD
>
>
> > However, I have come to find out that CentOS 3.4 only comes with
> > mod_authz_ldap and when I did some reading on it, doesn't seem like it
> > will work with M ADS at all. Any thoughts on how I can get
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxxx
> http://lists.caosity.org/mailman/listinfo/centos
>
