2010-05-25

Apache LDAP Configuration

Examples on how to authenticate a url served by Apache 2.2.x the OpenLDAP way and the Active Directory way

LoadModule authz_ldap_module modules/mod_authz_ldap.so

<IfModule mod_authz_ldap.c>

LDAPSharedCacheSize 500000
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600
LDAPTrustedMode SSL
LDAPVerifyServerCert Off

<Location /ldap-status>
SetHandler ldap-status
</Location>

<Location /openldap-protected>
Order deny,allow
Allow from all
AuthType Basic
AuthName "authentication required"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
#
# OpenLDAP way
#
AuthLDAPURL "ldaps://openldapserver.example.com/ou=people,dc=example,dc=com?uid?sub?(objectClass=*)"
AuthLDAPBindDN "cn=Manager,dc=example,dc=com"
AuthLDAPBindPassword "s3cr3tp@55w0rd"
Require valid-user
</Location>

<Location /activedirectory-protected>
Order deny,allow
Allow from all
AuthType Basic
AuthName "authentication required"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
#
# Active Diretory way
#
AuthLDAPURL "ldaps://activedirectoryserver.example.com:3269/DC=example,DC=com?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "ldap@example.com"
AuthLDAPBindPassword "s3cr3tp@55w0rd"
Require valid-user
</Location>

</IfModule>

Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Ratings and Recommendations by outbrain