Hi all!

i have a question about the use of LDAP with .htaccess in freeIPA.

i am using freeIPA (V. 4.4.0-14 with CentOS 7). I now wanted to also use
.htaccess with LDAP.

My first try was this:

---

Order allow,deny
Allow from all
AuthName "test"
AuthType Basic
AuthBasicProvider ldap
AuthLDAPURL "ldaps://ipa01.hostname.de:636
ipa02.hostname.de:636/cn=users,cn=accounts,dc=domain,dc=de?uid"
Require valid-user

---

This works perfectly fine for users i created in the freeIPA Webinterface.

I now have to make some changes. Some Users should be able to login on
the Website that uses the .htaccess and some should not be able to login.

So i decided to create a group and add all users, which should be allowd
to login via .htaccess.

So my first try was this:

---

[...]
Require ldap-attribute gidNumber=101010
[...]

---

101010 is the gid of my newly created group (webtest). That did not
work. If i use the gid of the "main" group of the users, its working
fine (the user is definitely part of the new group).

I also tried several other ways if found with the help of google, to
only allow users which are member of the group to have access, but every
attempt failed.

Maybe one of you guys is able to help me?!

Thank you and best regards
Sebastian
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org

Reply via email to