Date: Tue, 14 Oct 2003 09:52:31 -0500 From: Redmond Militante <r-militante@northwestern.edu> To: freebsd-questions@freebsd.org Subject: apache/auth_ldap authentication to win2k active directory Message-ID: <20031014145231.GA1562@darkpossum>
next in thread | raw e-mail | index | archive | help
--x+6KMIRAuhnl3hBn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable hi all i've been given the task of setting up ldap authentication against a window= s 2000 active directory from a webpage served up by our apache box. the documentation that exists for this is sparse. so far, i've:=20 installed auth_ldap as an apache module recompiled php4 for openldap support recompiled apache for modssl support i've been going through the examples listed on http://www.rudedog.org/auth_= ldap/ (auth_ldap homepage) - but the examples listed on this page are mainl= y for iPlanet, no examples are given for windows active directory authentic= ation, just some notes on the subject... ideally, i'd like to have a webpage/pages protected by .htaccess that authe= nticates against my win2k pdc. i've tried the following in my httpd.conf f= ile #<Directory "/usr/local/www/data-dist/ldap"> #Options Indexes FollowSymLinks #AllowOverride None #Order allow,deny #Allow from all #AuthLDAPEnabled on #AuthLDAPAuthoritative on #AuthName "Secure Access" #AuthType Basic #AuthLDAPBindDN CN=3Dusers,DC=3Dmy.domaincontroller.edu,DC=3Dedu #AuthLDAPBindPassword MyP4sswurd=20 #AuthLDAPUrl ldap://my.domaincontroller.edu:389/DC=3Dmy.domaincontroller =2Eedu,DC=3Dedu?sAMAccountName?sub?(objectClass*) #require valid-user #</Directory> (these have been commented out, but it wasn't working when i tried it, i di= dn't even get an login prompt) i'm kind of unsure if my syntax above is ok, whether or not i've compiled i= n the right modules/options, whether i should be putting the above directiv= es directly into my httpd.conf file, or whether i should put these into an = .htaccess file, etc. anyone have any experience with auth_ldap/apache authentication to a win2k = active directory? any pointers or recommendations would be welcome. =20 thanks redmond --=20 FreeBSD 5.1-RELEASE-p10 FreeBSD 5.1-RELEASE-p10 #0: Fri Oct 3 21:30:51 CDT = 2003 9:30AM up 1:11, 4 users, load averages: 0.03, 0.01, 0.05 =20 Death is Nature's way of recycling human beings. =20 --x+6KMIRAuhnl3hBn Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/jA2u7g+NJl/fSB0RAr/+AKCQNYQJ12feq2mRVWjXL1M7/E1FuACfXJX+ q3Qaf1hUK1n5MEYVzclT2HA= =jl/S -----END PGP SIGNATURE----- --x+6KMIRAuhnl3hBn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031014145231.GA1562>