[Centos] in CentOS 3.4, mod_auth_ldap ?

David McDowell turnpike420 at gmail.com
Fri Jan 21 04:31:32 UTC 2005


Awesome, if we are open tomorrow (snow storm coming) I shall have to
try this... I have a couple of embedded questions to help me
understand it, see comments below!  Thanks...

My comments/questions are _below_ the item they are related to:

On Thu, 20 Jan 2005 14:15:21 -0800 (PST), lee at leegarner.com
<lee at leegarner.com> wrote:
> I have mod_authz_ldap working ok.  Here's a .htaccess file:
> 
> AuthName        "Authorized Access Only"
> AuthType        Basic
> AuthzLDAPEngine on
> AuthzLDAPServer "serverip:389"
> AuthzLDAPBindDN ldap_lookup at domain.com

Does AuthzLDAPBindDN need to be the full ADS username at domain.com?

> AuthzLDAPBindPassword Ldap_Lookup_password
> AuthzLDAPUserKey sAMAccountName

So this is where this goes... not blah blah...
DC=com?sAMAccountName?sub?(objectClass=user)

> AuthzLDAPUserBase dc=domain,dc=com

With this user base, this will go set it to look at the top of the ADS
schema? For example, I have an OU = MyCity in case we ever expanded to
another city I could have another OU for those users.

> AuthzLDAPUserScope subtree

And this tells it to search all subordinate OUs in the tree?

> AuthzLDAPSetAuthorization off

What is AuthzLDAPSetAuthorization off for?

> require group CN=GroupName,CN=Users,DC=domain,DC=com

I can still use "require valid-user" here, right?
require valid-user OU=MyCity,DC=domain,DC=com   ??


Thanks for fielding my questions!!  :)
David McD

> 
> 
> > However, I have come to find out that CentOS 3.4 only comes with
> > mod_authz_ldap and when I did some reading on it, doesn't seem like it
> > will work with M ADS at all.  Any thoughts on how I can get
> 
> _______________________________________________
> CentOS mailing list
> CentOS at caosity.org
> http://lists.caosity.org/mailman/listinfo/centos
>


