LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-07-2016, 01:23 PM   #1
moonsun1124
LQ Newbie
 
Registered: Sep 2016
Posts: 2

Rep: Reputation: Disabled
LDAP Authentication with Apache


Hi All,
I am trying to setup LDAP authentication.

Group Informatin:

ldapsearch -x -h ldap-corporate -b "o=example.com,c=us" "cn=Security "

extended LDIF

#

LDAPv3

base with scope subtree

filter: cn=Security

requesting: ALL

#

Security , lm8100, example.com, US

dn: cn=Security , ou=lm8100, o=example.com, c=US businessCategory: secadm cn: Security objectClass: groupOfUniqueNames objectClass: epicGroup objectClass: top uniqueMember: cn=Kim Ldaf + uid=CLKM9876,ou=lm8100,o=example.com,c=US uniqueMember: cn=HLK MNOIL+uid=DKL06, ou=lm8100,o=example.com,c=us uniqueMember: cn=TREKS DNKO+uid=RIK02, ou=lm8100,o=example.com,c=US

This is my configuration and it is accepting all valid LDAP users but my requirement is need accept only valid users for that particular group:

We have different OU's with in a group.

HTTP.Conf
==============

AllowOverride None
Order deny,allow
Allow from all
AuthType Basic
AuthName "Protected"
Require valid-user
AuthBasicAuthoritative Off
AuthzLDAPAuthoritative Off
AuthBasicProvider ldap
AuthLDAPUrl ldap://HOST/o=example.com,c=us?uid?sub
Require ldap-group cn=SC HelpDesk,o=example.com,c=US
===================================================

Thanks,

Last edited by moonsun1124; 09-07-2016 at 02:48 PM.
 
Old 09-08-2016, 07:01 AM   #2
24x7servermanagement
Member
 
Registered: Jul 2016
Location: India
Distribution: CentOS, Redhat, Ubuntu and Debian
Posts: 50

Rep: Reputation: Disabled
I think your require ldap group should be

Code:
 Require ldap-group cn=Security HelpDesk,o=example.com,c=US
Refer :

https://httpd.apache.org/docs/2.4/mo....html#reqgroup
 
Old 09-08-2016, 11:26 AM   #3
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,671

Rep: Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562Reputation: 1562
Quote:
Originally Posted by 24x7servermanagement View Post
I think your require ldap group should be

Require ldap-group cn=Security HelpDesk,o=example.com,c=US
From the ldapsearch output:
Quote:
dn: cn=Security , ou=lm8100, o=example.com, c=US businessCategory: secadm cn: Security objectClass: groupOfUniqueNames objectClass: epicGroup objectClass: top uniqueMember: cn=Kim Ldaf + uid=CLKM9876,ou=lm8100,o=example.com,c=US uniqueMember: cn=HLK MNOIL+uid=DKL06, ou=lm8100,o=example.com,c=us uniqueMember: cn=TREKS DNKO+uid=RIK02, ou=lm8100,o=example.com,c=US
looks like the group dn is
Code:
cn=Security , ou=lm8100, o=example.com, c=US
 
  


Reply

Tags
apache authentication, httpdconf, ldaphome


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] LDAP authentication error [Can't contact LDAP server] from apache httpd jonathan_w_brown Linux - Server 6 12-28-2011 05:30 PM
[SOLVED] Apache authentication: allow LDAP group OR user named guest, but not all LDAP users AlucardZero Linux - Server 1 05-25-2011 03:21 PM
Apache with ldap authentication ksri07091983 Linux - Server 8 10-14-2008 03:56 PM
Apache LDAP authentication Amuro-Ray2020 Linux - Security 5 07-28-2007 06:31 PM
ldap authentication for Apache anjani.78 Linux - Software 1 08-03-2006 04:06 AM


All times are GMT -5. The time now is 03:05 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration