Re: [users@httpd] custom ldap conf file

[Saxa Egea]

Sorry.. but I'm a newbie... As far as I understand Apache does not use "/etc/ldap/ldap.conf" or whatever. You specify all settings in your httpd.conf or vhost configuration like: <Location /your_auth_required_location> AuthType Basic AuthName "Authentication required"> AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPBindDN cn=Manager,dc=domain AuthLDAPBindPassword <Manager_pass> AuthLDAPURL "ldap://ldapserver.domain" Require user username Require ldap-group dn_of_group </Location> For each "sub" location... just need to specify the group or users you allow with: <Location /whatever> Require user username Require ldap-group dn_of_other_group </Location> Remeber users and groups are "ORed", not AND'ed. Hope this helps you. Tx, Saxa On 14/04/14 20:09, Lee Burke wrote: Question – how to configure Apache to find a custom ldap conf file.   I am using Apache 2.2.12 on Suse linux 11 patchset 2, with PHP 5.2.14.   I want to create a custom ldap.conf file for use by Apache for user authentication via a remote system. I can't put my config info in /etc/openssl/ldap.conf or /etc/ldap.conf -- it's a long story.  But, I could create my own /etc/openldap/apache_ldap.conf.   The question is -- Where in Apache (and maybe PHP) can I tell Apache to look for and use the settings in my custom apache_ldap.conf ? My custom ldap conf file would include things like TLS_REQCERT, uri and base.   Lee Burke Lead Systems Engineer GPDS Innovation lee.bu...@gm.com C 586.359.9417   Nothing in this message is intended to constitute an electronic signature unless a specific statement to the contrary is included in this message. Confidentiality Note: This message is intended only for the person or entity to which it is addressed. It may contain confidential and/or privileged material. Any review, transmission, dissemination or other use, or taking of any action in reliance upon this message by persons or entities other than the intended recipient is prohibited and may be unlawful. If you received this message in error, please contact the sender and delete it from your computer.