Friday, August 31, 2007

LDAP the second - Apache2

After getting LDAP working with PAM, the next step was to get it working with Apache. I tried several ways:
  • direct contact to the AD through LDAP
  • using PAM
  • using Kerberos
and I was able to get it working through LDAP. For that I needed the modules authnz_ldap and ldap. Then all I had to do was put the correct authorization config into the virtual host:
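# "/path/to/protected" is a placeholder; use the directory you want to protect
<Directory "/path/to/protected">
...

AuthType Basic
AuthName "LDAP"
# Hand the Basic auth credentials to mod_authnz_ldap
AuthBasicProvider ldap
# Account Apache binds as to search the directory for the user
AuthLDAPBindDN cn=ldapauth,ou=Users,dc=your,dc=domain,dc=com
AuthLDAPBindPassword password
# Search below ou=Users (scope sub) and match the login name against sAMAccountName
AuthLDAPURL "ldap://yourdomain.com:389/ou=Users,dc=your,dc=domain,dc=com?sAMAccountName?sub?(objectClass=*)"
# Let other authorization modules decide when LDAP does not match
AuthzLDAPAuthoritative off

# Any user who authenticates successfully is allowed in
Require valid-user

...
</Directory>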
Some explanations: AuthBasicProvider is needed as of Apache 2.2; otherwise you will get an error message.
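The config above sends the Basic auth password to Apache and the bind password to the directory in clear text (ldap:// on port 389), so here is the same setup with both legs encrypted, as an added example for Apache 2.2 that is not part of the original post. The host name dc1.your.domain.com, the file paths and the group DN are assumed placeholders.

```apache
# --- Server config (outside any <VirtualHost>) ---
# CA that issued the domain controller's certificate (placeholder path)
LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/certs/your-domain-ca.pem
# Refuse the LDAP connection if the DC certificate does not verify
LDAPVerifyServerCert On

<VirtualHost *:443>
    # Basic auth only base64-encodes the password, so serve this host over TLS
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/www.your.domain.com.pem
    SSLCertificateKeyFile /etc/ssl/private/www.your.domain.com.key

    <Directory "/path/to/protected">
        # Reject any request for this directory that did not arrive over HTTPS
        SSLRequireSSL

        AuthType Basic
        AuthName "LDAP"
        AuthBasicProvider ldap

        # Use a dedicated low-privilege account for the search bind, and keep
        # this file readable by root only since it holds the password
        AuthLDAPBindDN "cn=ldapauth,ou=Users,dc=your,dc=domain,dc=com"
        AuthLDAPBindPassword "password"

        # ldaps:// on 636 instead of ldap:// on 389; the host name must match
        # the name in the DC certificate (dc1.your.domain.com is assumed)
        AuthLDAPURL "ldaps://dc1.your.domain.com:636/ou=Users,dc=your,dc=domain,dc=com?sAMAccountName?sub?(objectClass=*)"

        # Restrict access to one group instead of every account in the OU
        # (hypothetical group DN)
        Require ldap-group cn=webusers,ou=Groups,dc=your,dc=domain,dc=com
    </Directory>
</VirtualHost>
```

Run `apachectl configtest` after editing; mod_ssl must be loaded in addition to authnz_ldap and ldap.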
