search for: authldapbinddn

...AuthName "AD authentication" AuthBasicProvider ldap AuthType Basic AuthLDAPGroupAttribute member AuthLDAPGroupAttributeIsDN On AuthLDAPURL ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*) AuthLDAPBindDN cn=apache-connect,cn=Users,domain AuthLDAPBindPassword password require ldap-group cn=Nagios-Admins,cn=Users,domain and attempt to restart Apache. I get the following. root at nagios:~# service apache2 restart * Restarting web server apache2...

Hi , i am facing a strange problem. I have centos , i wan to access svn trought apache using mod auth ldap. This is what i have configured AuthLDAPBindDN cn=svn,ou=Operators,o=Organization AuthLDAPBindPassword Pass1 AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid" AuthLDAPGroupAttribute member AuthLDAPGroupAttributeIsDN on Require group cn=tester2,ou=Groups,o=Organization What is strange? Acco...

...g/docs/2.4/en/mod/mod_authnz_ldap.html) First you need authnz_ldap module for Apache. <Location /> AuthName "AD authentication" AuthBasicProvider ldap AuthType Basic AuthLDAPGroupAttribute member AuthLDAPGroupAttributeIsDN On AuthLDAPURL "ldap://addc1:3268/?sAMAccountName?sub AuthLDAPBindDN apache-connect at contoso.com AuthLDAPBindPassword password Require ldap-group CN=Sysadmins_GRP,OU=groups,OU=company,DC=contoso,DC=com </Location> Hope this will help someone and could be a good idea to update the wiki page.

...ember AuthLDAPGroupAttributeIsDn On # Adding cn and displayName is optional, but provides the value # as environment variables to the script # e.g.: AUTHORIZE_DISPLAYNAME="John Doe" AuthLDAPURL ldaps://{ad-server}/CN=Users,DC=X,DC=Y?sAMAccountName,cn,displayName?sub?(objectClass=*) AuthLDAPBindDN CN=http-{servername},CN=Users,DC=X,DC=Y AuthLDAPBindPassword {password of user "http-{servername}"} require ldap-group cn={groupname},cn=Users,DC=X,DC=Y # Sends forbidden when Kerberos authentication succeeded, # but LDAP authorization failed. This is the case when a # user is not...

...tion" > AuthBasicProvider ldap > AuthType Basic > AuthLDAPGroupAttribute member > AuthLDAPGroupAttributeIsDN On > AuthLDAPURL > ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*) > AuthLDAPBindDN cn=apache-connect,cn=Users,domain > AuthLDAPBindPassword password > require ldap-group cn=Nagios-Admins,cn=Users,domain > > > and attempt to restart Apache. I get the following. > > root at nagios:~# service apache2 restart > * Restarting web server >...

...tion" > AuthBasicProvider ldap > AuthType Basic > AuthLDAPGroupAttribute member > AuthLDAPGroupAttributeIsDN On > AuthLDAPURL > ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*) > AuthLDAPBindDN cn=apache-connect,cn=Users,domain > AuthLDAPBindPassword password > require ldap-group cn=Nagios-Admins,cn=Users,domain Why are you bothering to use anything outside of Kerberos? Very few web projects actually need any group, uid, or other information and are much simplified...

...AP access to do LDAP queries; this 'mta' > examples, need to me to do email/aliases procesing in exim. > For what it's worth, I have done exactly this for an account I use in Apache for LDAP authentication, it sounds similar to your use case here. In my Apache config I have: AuthLDAPBindDN cn=apacheuser,cn=Users,dc=mydomain,dc=uk and I have just checked in AD, this user is a member of 'Domain Guests' and not 'Domain Users'. I think, if you are only doing LDAP searches and not using any "Windows style" functionality, then this will work just fine. Try it, a...

...ame/passwd. <Directory /var/www/html/secure> Allow from All AuthType Basic AuthName "Ldap test area" AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPURL "ldap://server:389/OU=OU=name,OU=area,DC=core,DC=test,DC=edu?sAMAccountName?sub?(objectClass=*)" AuthLDAPBindDN "username at core" AuthLDAPBindPassword password require valid-user </Directory> - In addition, I used LikeWise software and was able to successfully join AD. I was wondering if there is a way to do http authentication without passing my username/password considering server is...

.... (all the bind responses reported success) The appropriate (anonymized) lines from httpd.conf are: <Location /logo.gif> # <--- change path as needed Order allow,deny Allow from all AuthBasicProvider ldap AuthType Basic AuthzLdapAuthoritative off AuthName "BackupPC login" AuthLDAPBindDN ldapb at centos.org AuthLDAPBindPassword myformerlysecretpasswordpostedtoworld AuthLDAPURL "ldap://10.XX.XX.XXX:389/DC=centos,DC=org?sAMAccountName?sub? (objectClass=*)" NONE require valid-user </Location> I have debug turned on. On startup I get: [root at backuppc httpd]# servi...

...24 LDAPOpCacheTTL 600 <Location /ldap-status> SSLRequire true SetHandler ldap-status </Location> <Location /repos> DAV svn SVNParentPath /srv/svn/repos </Location> <Location /repos/repo1> SSLRequireSSL AuthName "SVN Repo 1" AuthType Basic AuthLDAPBindDN cn=svnbind,cn=systemusers,dc=example,dc=com AuthLDAPBindPassword plaintextpassword AuthUserFile /etc/httpd/svnpasswd AuthLDAPURL "ldaps://ldapserver1.example.com/dc=example,dc=com?uid ldaps://ldapserver2.example.com/dc=example,dc=com?uid " AuthBasicProvider file ldap AuthzLD...

James Hogarth wrote: > On 12 Apr 2016 16:29, "Scott Robbins" <scottro11 at gmail.com> wrote: >> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote: >> > W dniu 11.04.2016 o 20:07, Scott Robbins pisze: <SNIP> > After various testing I ended up going with the Apache LDAP cache module > and doing the auth at the Apache level, not system. >

Mandi! Rowland Penny via samba In chel di` si favelave... > Not sure what you are proposing is going to work, AD expects every user > to be a member of Domain Users, even though there is nothing in AD to > show membership. Ah. > Do you require this user to visible on all domain machines ? [...] > It might help if you could explain how you are going to use your new > user