Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I don't know if this is the right forum to put this in, but if I'm wrong, please move this post! Okay, what I am trying to do is authenticate users through ldap to access a page on apache. My config works to a certain degree, but I need more "require" statements. Here's my httpd.conf:
The problem I'm having is that if I use anything other than fakeuser, then authentication fails, even if the user is part of the ldap-group LabTechs. This is because only one query is made: the require ldap-user statement. After this statement is denied, it doesn't check the ldap-group statement. Is there any way I could make this work, or have multiple require statements? I would prefer not to have to put the username and the group into another group, because it seems inconvenient by comparison.
I should note that this config DOES work for me, but it only authenticates the fakeuser, not the LabTechs group.
I guess I worded that a little weird, but what I was trying to say is that the reason I need both those statements is because that user isn't part of that group, and I would like not having to put fakeuser and Labtechs in the same group.
Thanks for the response though! Any more suggestions?
Thanks bathory, your help is very much appreciated! I couldn't read that documentation well, I had looked at it before, but I think that might work.
However, I can't test that until Monday, and I'm wondering if I would be able to put the exact path to the OU Labtechs since it's not in the same location as the LDAP URL? Either that or I guess I need to change the LDAP URL to something higher up on the tree so I can search differently. There's supposed to be a way that I can search recursively, but I don't understand the objectclass things and the search filters. I also learned I need to include a third group, which I'll call Fake_Admins. Here's a better view of how the tree looks