I'm not sure that you really need an alternative. using the setup you
have now should work fine, with authoritative off, and using valid-user.
I have that same exact setup running on our corporate intranet, and it's
been working fine.
Also, I do not know of an alternative for having the paassword in clear
text in the file. What I did was create a new AD user (apache_validate
or something along those lines) that is used only for this purpose. The
user has almost no access rights, except that they can login and query
ad. This is what I would recommend, as well as running apache under a
seperate user account if you're not doing this already.
Melanie Pfefer wrote:
ldap-user is not viable...I will have to add all users
by hand... Any other alternative?
also, AuthLDAPBindPassword is written in clear text in
the file...Any other alternative?
Many thanks!
--- Tom Hart <[EMAIL PROTECTED]> wrote:
authzldapauthoritative sets it such that ldap is the
only authentication
that can be used. However valid-user is not seen as
an ldap
authentication (try ldap-user, etc.), so it needs to
be able to fall
back on "basic authentication" even though it is
using the ldap setup to
validate.
Basically it's ldap, but apache thinks it's basic. I
think that's what
happens anyway.
Melanie Pfefer wrote:
I tried AuthZLDAPAuthoritative off and indeed it
worked...now...what is the impact of disabling
AuthZLDAPAuthoritative??
thanks bunches...
--- Eric Covener <[EMAIL PROTECTED]> wrote:
On 10/26/07, Stusynski, Dan <[EMAIL PROTECTED]>
wrote:
Looks like you can't acccess the resource.
authnz_ldap + require valid-user doesn't work as
expected in 2.2.4,
try AuthZLDAPAuthoritative off
--
Eric Covener
[EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the
Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html>
for
more info.
To unsubscribe, e-mail:
[EMAIL PROTECTED]
" from the digest:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
___________________________________________________________
Want ideas for reducing your carbon footprint?
Visit Yahoo! For Good
http://uk.promotions.yahoo.com/forgood/environment.html
---------------------------------------------------------------------
The official User-To-User support forum of the
Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html>
for more info.
To unsubscribe, e-mail:
[EMAIL PROTECTED]
" from the digest:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the
Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for
more info.
To unsubscribe, e-mail:
[EMAIL PROTECTED]
" from the digest:
[EMAIL PROTECTED]
For additional commands, e-mail:
[EMAIL PROTECTED]
___________________________________________________________
Yahoo! Answers - Got a question? Someone out there knows the answer. Try it
now.
http://uk.answers.yahoo.com/
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
