Re: Anyone using Active Driectory auth with Centos 5.4.....?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



This looks like the way to go, I don't like the username /pass stored in plain text but maybe if I create a special group that doesn't really have any privileges this would work, geez AD is just plain bad...lol, Thanks.

On Tue, Feb 9, 2010 at 10:57 AM, Pat and Lori Boyer <pboyer@xxxxxxxxx> wrote:
I've had decent luck with LDAP authentication for Apache. AD does not support anonymous LDAP searches so you have to have a user account that has the ability to search AD. Here's a modified sample config (.htaccess or httpd.conf) that includes security group membership checks. This would require that a user login with their Windows domain username and password and that the user be a member of the AD security group 'managers':

AuthType              basic
AuthName              "Windows Domain Credentials - Managers Only"
AuthzLDAPMethod       ldap
AuthzLDAPServer       "dc1.example.com"
AuthzLDAPBindDN       "CN=username,CN=Users,DC=example,DC=com"
AuthzLDAPBindPassword "superSecretPassword"
AuthzLDAPUserBase     "CN=Users,DC=example,DC=com"
AuthzLDAPUserKey      sAMAccountName
AuthzLDAPUserScope    subtree
AuthzLDAPGroupBase    "CN=Users,DC=example,DC=com"
AuthzLDAPGroupKey     cn
AuthzLDAPGroupScope   subtree
AuthzLDAPMemberKey    member
AuthzLDAPSetGroupAuth ldapdn
require group         managers




On Tue, Feb 9, 2010 at 11:35 AM, Tom Bishop <bishoptf@xxxxxxxxx> wrote:
I looked over an most of which I have already done, the last piece that I am trying to address is how to do authentication with Apache against active directory, mod_auth_pam is one way but I have not had any luck getting it to compile with the latest Apache....Thanks


On Mon, Feb 8, 2010 at 6:49 PM, Arvind P R <iinfi1@xxxxxxxxx> wrote:
I had written a blog quite some time back on this. There might be some
glitches in it, but will give you some clue. The blog is
blog.Palalinha.Com
i am sitting at the airport with my mobile so cant find you the
correct thread in the blog. Let me know if it helps.

On 2/8/10, Tom Bishop <bishoptf@xxxxxxxxx> wrote:
> Setting up a new backuppc for a small group of device and I am running
> centos 5.4 with winbind setup and working.  Everything is working and I
> would like the users to authenicate using their AD creds and was wondering
> what folks are using to do that with apache 2.2 and centos 5.4.  I know
> about mod_auth_pam but that seems pretty dead so I was just wondering what
> folks were using and whats the easiest to setup.  Any pointers to any how
> to's would be appreciated...Thanks.
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux