httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Gonzales" <rgonza...@earthboundmediagroup.com>
Subject [users@httpd] LDAPS Apache 2.2
Date Thu, 07 May 2009 21:21:13 GMT
Server Details

Windows server 2003

                 Apache 2.2 .10

Client certificate installed using certificate services server.

I exported the certificate and copied to c:\ldap\ldap.cer

I reference the certificate in the httpd.conf file below.

 

 

Objective for Intranet site

Authenticate clients upon arrival of protected web pages.

Authentication must be given to only members of a particular group, the
"Web" group.

Authentication Method: authnz_ldap_module for Apache.

Use SSL to encrypt the authentication session. Via mod_ldap.so

 

 

#LDAPTrustedClientCert c:\ldap\ldap.cer

<Directory
D:\web\vipintranet\data\Departments\LLUMC-Departments\Information-Servic
es\Staff-Corner>

 

AuthType Basic

AuthName "Web"

AuthBasicProvider ldap

AuthLDAPBindDN Web@mc.ad.ll.org

AuthLDAPBindPassword 1Apache*

 

AuthLDAPURL
"ldap://ActiveDirectory:389/DC=mc,DC=ad,DC=ll,DC=org?sAMAccountName?sub?
(objectClass=*)"

AuthLDAPURL "ldaps://ActiveDirectory:636
/DC=mc,DC=ad,DC=ll,DC=org?sAMAccountName?sub?(objectClass=*)"

 

require ldap-attribute objectClass=user

#when I use the above directive I can authenticate to the ldap server,
however other users can authenticate that should not be able to see the
content.

#Require ldap-group cn=Web, ou=Web Groups, ou=Global Security Groups,
dc=mc, dc=ad, dc=ll, dc=org

#When I use the directive above I cannot authenticate at all. This is
the error I receive

Thu May 07 10:33:29 2009] [error] [client 192.168.0.70] File does not
exist:

 

</Directory>

 

Thanks for your help.

 

 

LDAP server: Windows server 2003 SP2 Active Directory

 

 

 

                

 

 

 


Mime
View raw message