Displaying 14 results from an estimated 14 matches for "authldapurl".
2007 Jul 18
1
apache mod_authnz_ldap: multiple servers syntaxes
...ying this here first before moving to the apache list. Maybe
someone of you use mod_authnz_ldap with multiple ldap servers
declaration for redundancy.
With one server declared it is working.
Here is what I've tried for adding another one (space separated as read
in the apache's doc) :
....
AuthLDAPURL
ldaps://ldap1.example.com/ou=People,dc=example,dc=com?uid??(businessCategory=foo)
ldaps://ldap2.example.com/ou=People,dc=example,dc=com?uid??(businessCategory=foo)
....
Result:
Syntax error on line 43 of /etc/httpd/conf.d/trac.conf:
Invalid LDAP connection mode setting: must be one of NONE, SSL, o...
2015 May 11
6
Authenticating Apache Against Active Directory
.../>
Options FollowSymLinks
AllowOverride None
Require all granted
Allow from all
AuthName "AD authentication"
AuthBasicProvider ldap
AuthType Basic
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN On
AuthLDAPURL
ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*)
AuthLDAPBindDN cn=apache-connect,cn=Users,domain
AuthLDAPBindPassword password
require ldap-group cn=Nagios-Admins,cn=Users,domain
and attempt to restart Apache. I get the follo...
2008 Apr 10
2
mod_auth_ldap Apache2 on CentOS 5 and require group
Hi , i am facing a strange problem.
I have centos , i wan to access svn trought apache using mod auth ldap.
This is what i have configured
AuthLDAPBindDN cn=svn,ou=Operators,o=Organization
AuthLDAPBindPassword Pass1
AuthLDAPURL "ldap://ldap/ou=Users,o=Organization?uid"
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN on
Require group cn=tester2,ou=Groups,o=Organization
What is strange?
According to doc it will accept only users which DN is in group
cn=teste2,ou=Groups,o=Organiza...
2015 Oct 07
1
Working configuration for Apache 2.4 auth vs Samba 4 AD
...working configuration (thanks to
http://httpd.apache.org/docs/2.4/en/mod/mod_authnz_ldap.html)
First you need authnz_ldap module for Apache.
<Location />
AuthName "AD authentication"
AuthBasicProvider ldap
AuthType Basic
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN On
AuthLDAPURL "ldap://addc1:3268/?sAMAccountName?sub
AuthLDAPBindDN apache-connect at contoso.com
AuthLDAPBindPassword password
Require ldap-group CN=Sysadmins_GRP,OU=groups,OU=company,DC=contoso,DC=com
</Location>
Hope this will help someone and could be a good idea to update the wiki
page.
2017 Apr 04
1
Apache2 Kerberos-Authentication and LDAP-Authorization
...thRealms X.Y
Krb5KeyTab /etc/apache2/apache.keytab
KrbLocalUserMapping On
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDn On
# Adding cn and displayName is optional, but provides the value
# as environment variables to the script
# e.g.: AUTHORIZE_DISPLAYNAME="John Doe"
AuthLDAPURL
ldaps://{ad-server}/CN=Users,DC=X,DC=Y?sAMAccountName,cn,displayName?sub?(objectClass=*)
AuthLDAPBindDN CN=http-{servername},CN=Users,DC=X,DC=Y
AuthLDAPBindPassword {password of user "http-{servername}"}
require ldap-group cn={groupname},cn=Users,DC=X,DC=Y
# Sends forbidden when Ker...
2018 Feb 05
0
mod_auth_kerb realm not stripped
...ry. Achieved using
realmd, SSSD and krb5-workstation together with a ktpass-generated keytab.
Apache's mod_auth_kerb allows users to authenticate via their AD accounts, and
authorise with "require user" directive. But so far we fail to authorise via
AD group membership. i.e. adding AuthLDAPUrl and "require ldap-group"
directives to httpd.conf results in access being denied. Using ldapsearch
with GSSAPI (or password entry) works as expected.
After looking at debug logs and tcpdump output, I (possibly incorrectly) put
the issue down to being unsure how to get krb5_aname_to_local...
2015 May 11
0
Authenticating Apache Against Active Directory
...AllowOverride None
> Require all granted
> Allow from all
> AuthName "AD authentication"
> AuthBasicProvider ldap
> AuthType Basic
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN On
> AuthLDAPURL
> ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*)
> AuthLDAPBindDN cn=apache-connect,cn=Users,domain
> AuthLDAPBindPassword password
> require ldap-group cn=Nagios-Admins,cn=Users,domain
>
>
> and attempt...
2015 May 12
0
Authenticating Apache Against Active Directory
...AllowOverride None
> Require all granted
> Allow from all
> AuthName "AD authentication"
> AuthBasicProvider ldap
> AuthType Basic
> AuthLDAPGroupAttribute member
> AuthLDAPGroupAttributeIsDN On
> AuthLDAPURL
> ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*)
> AuthLDAPBindDN cn=apache-connect,cn=Users,domain
> AuthLDAPBindPassword password
> require ldap-group cn=Nagios-Admins,cn=Users,domain
Why are you bothering to us...
2011 Mar 09
1
Apache/Active Directory authentication
...far I've accomplished the following:
- Setup httpd.conf to successfully authenticate against AD by passing my username/passwd.
<Directory /var/www/html/secure>
Allow from All
AuthType Basic
AuthName "Ldap test area"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldap://server:389/OU=OU=name,OU=area,DC=core,DC=test,DC=edu?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "username at core"
AuthLDAPBindPassword password
require valid-user
</Directory>
- In addition, I used LikeWise software and was able to successfully join...
2007 Oct 25
0
apache mod_authnzldap against Active Directory
...onf are:
<Location /logo.gif> # <--- change path as needed
Order allow,deny
Allow from all
AuthBasicProvider ldap
AuthType Basic
AuthzLdapAuthoritative off
AuthName "BackupPC login"
AuthLDAPBindDN ldapb at centos.org
AuthLDAPBindPassword myformerlysecretpasswordpostedtoworld
AuthLDAPURL "ldap://10.XX.XX.XXX:389/DC=centos,DC=org?sAMAccountName?sub?
(objectClass=*)" NONE
require valid-user
</Location>
I have debug turned on. On startup I get:
[root at backuppc httpd]# service httpd start
Starting httpd: [Mon Oct 22 15:53:31 2007] [debug] mod_authnz_ldap.c(849):...
2009 Mar 20
1
pam_ldap and nss_ldap failover
I'm (finally) getting around to putting a backup LDAP authentication
server on my network. The backup uses syncrepl to grab the database,
and to my eyes both LDAP servers answer read queries identically.
I'm testing the client side of this configuration on virtual CentOS 5
i386 machine. /etc/ldap.conf reads
----- %< -----
base dc=DOMAIN,dc=com
timelimit 30
bind_timelimit 30
2016 Apr 12
1
Slow authentication on C7
...DAV svn
SVNParentPath /srv/svn/repos
</Location>
<Location /repos/repo1>
SSLRequireSSL
AuthName "SVN Repo 1"
AuthType Basic
AuthLDAPBindDN cn=svnbind,cn=systemusers,dc=example,dc=com
AuthLDAPBindPassword plaintextpassword
AuthUserFile /etc/httpd/svnpasswd
AuthLDAPURL "ldaps://ldapserver1.example.com/dc=example,dc=com?uid
ldaps://ldapserver2.example.com/dc=example,dc=com?uid "
AuthBasicProvider file ldap
AuthzLDAPAuthoritative off
AuthLDAPGroupAttribute member
AuthLDAPGroupAttributeIsDN On
# READ
<Limit OPTIONS PROPFIND GET REPORT&g...
2016 Apr 12
2
Slow authentication on C7
James Hogarth wrote:
> On 12 Apr 2016 16:29, "Scott Robbins" <scottro11 at gmail.com> wrote:
>> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote:
>> > W dniu 11.04.2016 o 20:07, Scott Robbins pisze:
<SNIP>
> After various testing I ended up going with the Apache LDAP cache module
> and doing the auth at the Apache level, not system.
>
2016 Apr 11
5
Slow authentication on C7
...uthz off
DAV svn
SVNPath /home/repos/subversion_free_avr
AuthBasicAuthoritative off
AuthBasicProvider socache external
AuthExternal pwauth
AuthnCacheProvideFor external
AuthType Basic
AuthName "Subversion repository"
AuthLDAPURL ldap://ldap.our.domain/ou=Main,o=company
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=programmers,ou=group,ou=main,o=company
#GroupExternal unixgroup
#Require group programmers
#Require valid-user
#Auth...