Hi Ravi,
LDAP is for authentication and authorisation purpose.Consider you have
active directory which consists of numerous Distributions
lists([email protected]).
This groups consists of 5 members gmailids.If you provide username and
password,it will validate against your username and password in active
directory.It is known as authentication and if checking if that gmailid is
in that particular group or not is authorisation.
Changes to be done in /etc/httpd/conf/httpd.conf
1.Change the log level to debug mode and check for errors in
/var/log/httpd/error.log
2.<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot /var/www/html
ServerName (hostname given correctly)
ErrorLog /var/log/error.log
<Location /sss>
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "Enter ur AD username and password"
AuthLDAPURL "
ldap://xxx.com:389/OU=yyy,DC=zzz,DC=aaa?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "hariprasadh89@gmailcom"
AuthLDAPBindPassword password
require valid-user
Require group [email protected]
Require ldap-group CN=rocks OU=goolegroups,DC=gmail,DC=com
</Location>
ProxyPass /sss http://ipaddr:8080/sss //This is proxy pass
ProxyPassReverse /sss http://ipaddr:8080/sss
</VirtualHost>
3.i have changed the referals off in /etc/openldap/ldap.conf
4.Restart apache :service httpd restart
Thanks,
HariPrasadh
On Wed, Dec 18, 2013 at 11:26 AM, Ravi Chandran <[email protected]>wrote:
> Thanks for your guideline. But could you please tell simply what is LDAP?
> On Dec 18, 2013 11:13 AM, "L. Guruprasad" <[email protected]> wrote:
>
> > On Wed, Dec 18, 2013 at 11:03 AM, Ravi Chandran <[email protected]>
> > wrote:
> > > What is LDAP ? And how should I configure it?
> >
> > When starting a new thread, compose a new email instead of replying on
> > top of an existing email and changing the subject. If you don't know
> > what LDAP is, I would strongly recommend that you learn about it
> > before trying to configure anything related to LDAP. Use your favorite
> > search engine or somewhere like the OpenLDAP documentation to get
> > started. I agree that the learning curve could be steep, but once you
> > go through that it will be very useful for you.
> >
> > Thanks & Regards,
> > Guruprasad
> > _______________________________________________
> > ILUGC Mailing List:
> > http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
> > ILUGC Mailing List Guidelines:
> > http://ilugc.in/mailinglist-guidelines
> >
> _______________________________________________
> ILUGC Mailing List:
> http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
> ILUGC Mailing List Guidelines:
> http://ilugc.in/mailinglist-guidelines
>
--
Thanks & Regards,
HariPrasadh
_______________________________________________
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
ILUGC Mailing List Guidelines:
http://ilugc.in/mailinglist-guidelines
