awesome, if we are open tomorrow (snow storm coming) I shall have to try this... I have a couple of embedded questions to help me understand it, see comments below! thanks...
my comment/questions are _below_ the item they are related to:
On Thu, 20 Jan 2005 14:15:21 -0800 (PST), lee@leegarner.com wrote:
I have mod_authz_ldap working ok. Here's a .htaccess file:
AuthName "Authorized Access Only"
AuthType Basic
AuthzLDAPEngine on
AuthzLDAPServer "serverip:389"
AuthzLDAPBindDN ldap_lookup@domain.com
Does AuthzLDAPBindDN need to be the full ADS username@domain.com?
AuthzLDAPBindPassword Ldap_Lookup_password
AuthzLDAPUserKey sAMAccountName
So this is where this goes... not blah blah... DC=com?sAMAccountName?sub?(objectClass=user)
AuthzLDAPUserBase dc=domain,dc=com
With this user base, this will go set it to look at the top of the ADS schema? For example, I have an OU = MyCity in case we ever expanded to another city I could have another OU for those users.
AuthzLDAPUserScope subtree
and this tells it to search all subordinate OUs in the tree?
AuthzLDAPSetAuthorization off
What is AuthzLDAPSetAuthorization off for?
require group CN=GroupName,CN=Users,DC=domain,DC=com
I can still use "require valid-user" here right?
require valid-user OU=MyCity,DC=domain,DC=com ??
Thanks for fielding my questions!! :)
David McD
However, I have come to find out that CentOS 3.4 only comes with mod_authz_ldap and when I did some reading on it, doesn't seem like it will work with M ADS at all. Any thoughts on how I can get
CentOS mailing list CentOS@caosity.org http://lists.caosity.org/mailman/listinfo/centos