LDAP Authentication

Apache can be configured to authenticate users against an LDAP database, such as Open Directory, part of Apple's OS X Server.

http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html
http://blog.case.edu/gps10/2005/02/23/apache2_ssl_ldap_authentication_howto
http://www.nies.ch/doc/apache-ldap-webdav.en.php
Prerequisites

yum install openldap-devel

Installation
To install LDAP authentication support in Apache, it must be configured with:

--with-ldap --enable-ldap --enable-authnz-ldap

NOTE: --with-ldap appears to be broken in Apache 2.2.9.
Might also need:

--with-ldap-include=/usr/local/include --with-ldap-lib=/usr/local/lib

Authenticate Against an OS X Open Directory server
Require a valid user:

AuthName "LDAP Test"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://<server>/cn=users,dc=domain,dc=com?uid
require valid-user

The user should be a member of a certain group:

AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
require ldap-group cn=<group>,cn=groups,dc=<domain>,dc=com

Recent Updates

  • 1 year 7 months ago
  • 1 year 7 months ago
  • 1 year 7 months ago
    php 8.x
  • 1 year 7 months ago
    10.6.7
  • 1 year 7 months ago
    Drop Centos 5/6 stuff