i also already tried this :) ...also with the groups DN (which i found
Sadly it did not help.
On 22.05.2017 16:05, Peter Fern wrote:
> The gidNumber attribute is just the primary group. You won't see any
> supplementary groups there, just like /etc/passwd. Use memberOf with
> the group's DN or something for supplimentary groups.
> If you want to see what the data looks like in the directory, just use
> ldapsearch - this is all standard LDAP stuff, you just need to
> understand the schemas that are used.
> On 22/05/17 23:19, Sebastian Kösters wrote:
>> Hi all!
>> i have a question about the use of LDAP with .htaccess in freeIPA.
>> i am using freeIPA (V. 4.4.0-14 with CentOS 7). I now wanted to also use
>> .htaccess with LDAP.
>> My first try was this:
>> Order allow,deny
>> Allow from all
>> AuthName "test"
>> AuthType Basic
>> AuthBasicProvider ldap
>> AuthLDAPURL "ldaps://ipa01.hostname.de:636
>> Require valid-user
>> This works perfectly fine for users i created in the freeIPA Webinterface.
>> I now have to make some changes. Some Users should be able to login on
>> the Website that uses the .htaccess and some should not be able to login.
>> So i decided to create a group and add all users, which should be allowd
>> to login via .htaccess.
>> So my first try was this:
>> Require ldap-attribute gidNumber=101010
>> 101010 is the gid of my newly created group (webtest). That did not
>> work. If i use the gid of the "main" group of the users, its working
>> fine (the user is definitely part of the new group).
>> I also tried several other ways if found with the help of google, to
>> only allow users which are member of the group to have access, but every
>> attempt failed.
>> Maybe one of you guys is able to help me?!
>> Thank you and best regards
>> FreeIPA-users mailing list -- firstname.lastname@example.org
>> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
> FreeIPA-users mailing list -- email@example.com
> To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
*!!!!!!!!!!GMX GMX GMX GMX GMX!!!!!!!!!!*
FreeIPA-users mailing list -- firstname.lastname@example.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org