G
Guest
Have apache
Using mod_authz_ldap
We can authenticate by user distinguished name and establish group
membership via user distinguished name (i.e., first last) but we need to test
for group membership via SAMaccount name and test for group membership that
way
#
# mod_authz_ldap can be used to implement access control and
# authenticate users against an LDAP database.
#
The current authz_conf file follows:
LoadModule authz_ldap_module modules/mod_authz_ldap.so
<IfModule mod_authz_ldap.c>
<Directory /var/www/html/martin>
AuthzLDAPMethod ldapmapped
AuthzLDAPServer swansboro.lib.unc.edu
AuthzLDAPUserBase cn=users,dc=lib,dc=unc,dc=edu
AuthzLDAPUserKey cn
AuthzLDAPUserScope base
AuthzLDAPGroupBase cn=users,dc=lib,dc=unc,dc=edu
AuthzLDAPGroupKey cn
AuthzLDAPSetGroupAuth ldapdn
AuthzLDAPGroupScope base
#
AuthType basic
AuthName "(e-mail address removed)"
require group Systems
Ideas regarding what we should try?
Thanks,
kevinL
Using mod_authz_ldap
We can authenticate by user distinguished name and establish group
membership via user distinguished name (i.e., first last) but we need to test
for group membership via SAMaccount name and test for group membership that
way
#
# mod_authz_ldap can be used to implement access control and
# authenticate users against an LDAP database.
#
The current authz_conf file follows:
LoadModule authz_ldap_module modules/mod_authz_ldap.so
<IfModule mod_authz_ldap.c>
<Directory /var/www/html/martin>
AuthzLDAPMethod ldapmapped
AuthzLDAPServer swansboro.lib.unc.edu
AuthzLDAPUserBase cn=users,dc=lib,dc=unc,dc=edu
AuthzLDAPUserKey cn
AuthzLDAPUserScope base
AuthzLDAPGroupBase cn=users,dc=lib,dc=unc,dc=edu
AuthzLDAPGroupKey cn
AuthzLDAPSetGroupAuth ldapdn
AuthzLDAPGroupScope base
#
AuthType basic
AuthName "(e-mail address removed)"
require group Systems
Ideas regarding what we should try?
Thanks,
kevinL