Ramesh wrote:
Hi,
I have a web site which I would want to allow only users after
authenticating them against our Active Directory. I wanted to place
.htaccess file in the main web folder
1. Do I need to install "mod_authz_ldap" module ? And is there any
other module which I would need to install ?
2. Also what should I mention in .htaccess file to ask it to
authenticate users against my Active Directory ?
Thank you.
Hi Ramesh,
You need to configure Apache to authenticate against your AD and this
has nothing to do with an .htaccess file. Yes, you need mod_authnz_ldap
and also mod_ldap. There are quite a few HOWTO type documents for doing
this on the web and describe this process fairly well. What I'd like to
do is authenticate over an encrypted TCP/IP session like SSL. I haven't
managed to get that working yet. Here the relative section of my Apache
vhost conf for non-SSL auth with AD:
...
<Location /projects>
...
Order deny,allow
Deny from all
Allow from all
AuthType Basic
AuthName "***"
AuthBasicProvider "ldap"
AuthLDAPURL
"ldap://***:3268/DC=***,DC=***?sAMAccountName?sub?(objectClass=user)"
AuthLDAPBindDN "*...@***.***"
AuthLDAPBindPassword "***"
AuthzLDAPAuthoritative Off
require valid-user
</Location>
...
