hi all i've been given the task of setting up ldap authentication against a windows 2000 active directory from a webpage served up by our apache box.
the documentation that exists for this is sparse. so far, i've: installed auth_ldap as an apache module recompiled php4 for openldap support recompiled apache for modssl support i've been going through the examples listed on http://www.rudedog.org/auth_ldap/ (auth_ldap homepage) - but the examples listed on this page are mainly for iPlanet, no examples are given for windows active directory authentication, just some notes on the subject... ideally, i'd like to have a webpage/pages protected by .htaccess that authenticates against my win2k pdc. i've tried the following in my httpd.conf file #<Directory "/usr/local/www/data-dist/ldap"> #Options Indexes FollowSymLinks #AllowOverride None #Order allow,deny #Allow from all #AuthLDAPEnabled on #AuthLDAPAuthoritative on #AuthName "Secure Access" #AuthType Basic #AuthLDAPBindDN CN=users,DC=my.domaincontroller.edu,DC=edu #AuthLDAPBindPassword MyP4sswurd #AuthLDAPUrl ldap://my.domaincontroller.edu:389/DC=my.domaincontroller .edu,DC=edu?sAMAccountName?sub?(objectClass*) #require valid-user #</Directory> (these have been commented out, but it wasn't working when i tried it, i didn't even get an login prompt) i'm kind of unsure if my syntax above is ok, whether or not i've compiled in the right modules/options, whether i should be putting the above directives directly into my httpd.conf file, or whether i should put these into an .htaccess file, etc. anyone have any experience with auth_ldap/apache authentication to a win2k active directory? any pointers or recommendations would be welcome. thanks redmond -- FreeBSD 5.1-RELEASE-p10 FreeBSD 5.1-RELEASE-p10 #0: Fri Oct 3 21:30:51 CDT 2003 9:30AM up 1:11, 4 users, load averages: 0.03, 0.01, 0.05 Death is Nature's way of recycling human beings.
pgp00000.pgp
Description: PGP signature