I was able to get htauth againt ldap and restricting against groups using:
<Location /protected>
# Ldap auth access
AuthType Basic
AuthName "Restricted"
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPURL "ldap://ldap.linuxweblog.com/ou=People,dc=linuxweblog,dc=com"
Require ldap-group cn=web,ou=group,dc=domain,dc=tld
AuthLDAPGroupAttributeIsDN off
AuthLDAPGroupAttribute memberUid
</Location>
Here is what the ldap search entry looks like:
# ldapsearch -x 'cn=web'
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: cn=web
# requesting: ALL
#
# web, group, linuxweblog.com
dn: cn=web,ou=group,dc=linuxweblog,dc=com
objectClass: posixGroup
gidNumber: 10002
cn: web
description: access to web protected folders
memberUid: user1
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
It is essential to enter "AuthLDAPGroupAttributeIsDN off" and "AuthLDAPGroupAttribute memberUid" for it to get to the member attribute.
Reference: mod_authnz_ldap
Recent comments
8 years 1 week ago
8 years 1 week ago
8 years 1 week ago
8 years 1 week ago
8 years 33 weeks ago
8 years 36 weeks ago
9 years 6 weeks ago
9 years 12 weeks ago
9 years 13 weeks ago
9 years 21 weeks ago