On Tue, 27 Feb 2007, Josh Miller wrote:
The example does not accomplish what the OP describes, as it is limited to the Users OU. The goal here is to be able to point the Apache config at a Domain Controller and have it search ALL OUs and right now there is a seeming limitation on a single top-level OU -- although any user object within that top-level OU will work.
I changed the coniguration I posted slightly from the "real" configuration. In our Active Directory structure, we have an OU at the root-level called "Acad", therefore:
AuthLDAPURL ldap://my.domain.edu:389/cn=Acad,DC=domain,DC=edu?sAMAccountName?sub?(objectclass=*)
With this, we're able to authenticate any user "under" the Acad OU. There are no user objects actually *in* the Acad OU, but there a few OUs under that where user objects reside.
I suppose I am not "searching all OUs" as I limit the searches to anything the top-level Acad OU.
HTH, -j -- Jeremy L. Gaddis, MCP, GCWN jeremy@xxxxxxxxxxxx LinuxWiz Consulting http://linuxwiz.net -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
