Wednesday, August 7, 2013

ldap on Apache to MS Active Directory


So I've recently struggled with ldap syntax in several different programs. Most recently I have setup viewvc on a Centos box to see config diffs easier in RANCID. After going around and around, knowing that I've done this in the past and struggled. I finally figured I should have a central repository for all the random things that I do and forget. So here it is. Part of my httpd.conf that allows for ldap to MS Active Directory.

I have yet to understand why some things have quotes and some don't....but it works...so whatever


<Directory "/var/www/cgi-bin">
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

<Location "/">
    AuthType Basic
    AuthName "Whatever You Want Here"
    AuthBasicProvider ldap
    AuthzLDAPAuthoritative off
    AuthLDAPBindDN "CN=ldapuser,OU=Service Accounts,OU=IT,OU=Users,DC=domain,DC=local"
    AuthLDAPBindPassword "InsertPasswordHere"
    AuthLDAPURL "ldap://domain.local/OU=IT,OU=Users,DC=domain,DC=local?sAMAccountName?sub?(objectClass=*)"
    Require ldap-group CN=GroupNameHere,CN=Users,DC=domain,DC=local
</Location>

No comments:

Post a Comment