Hi,
Maybe this will help you. I am using this for testing purposes and I am sure that there are some more secure examples, but ... This is a test user, test group and test apache2 config part:
User:
dn: uid=ptest,ou=CS,ou=Policy,ou=SDM,dc=lab,dc=os
objectClass: posixAccount
objectClass: top
objectClass: inetOrgPerson
objectClass: shadowAccount
gidNumber: 27782
givenName: Proba
sn: Test
displayName: Proba Test
uid: ptest
homeDirectory: /home/ptest
gecos: This is a test user
loginShell: /bin/bash
shadowFlag: 0
shadowMin: 0
shadowMax: 99999
shadowWarning: 0
shadowInactive: 99999
shadowLastChange: 12011
shadowExpire: 99999
cn: Proba Test
uidNumber: 51893
userPassword: {SSHA}sdssdske38734mjfFGGHJJ23434dsdsfs=
mail: testproba@gmail.com
Group:
dn: cn=proba,ou=Posix,ou=Groups,ou=SDM,dc=lab,dc=os
objectClass: posixGroup
objectClass: top
cn: proba
memberUid: ptest
memberUid: labadmin
gidNumber: 28370
Apache config:
<Directory /var/www>
    #Options Indexes FollowSymLinks MultiViews
    AllowOverride AuthConfig
    Order allow,deny
    allow from all
</Directory>

<Location />
    AuthType Basic
    AuthName "Software"
    AuthBasicProvider ldap
    AuthLDAPURL "ldap://192.168.15.140:389/ou=SDM,dc=lab,dc=os?uid"
    AuthLDAPGroupAttributeIsDN off
    AuthLDAPGroupAttribute memberUid
    Require ldap-group cn=proba,ou=Posix,ou=Groups,ou=SDM,dc=lab,dc=os
</Location>
On 22 March 2016 at 22:22, Cole cole@opteqint.net wrote:
Hi Mary,
If this is similar to ssh auth against LDAP using uid, the dn would look like the following:
dn: uid=christine,ou=ELOGAccounts,ou=RavenApps,dc=my-domain,dc=com
Now I am not sure how Apache does the lookup, but if I am wrong, maybe someone else can reply.
Regards /Cole
On 22 March 2016 at 21:33, Mary Kao wmcic@yahoo.com wrote:
Hello,
This is a real newbie question ::)
I have configured apache httpd to use LDAP for basic authentication (userid and password). I am not sure what the directory DN should look like when using "uid" rather than "cn"?
In my LDAP directory I have:
dn: cn=Christine Smith,ou=ELOGAccounts,ou=RavenApps,dc=my-domain,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: uidObject
cn: Christine Smith
sn: Smith
uid: christine
userPassword:: Y2hyaXN0aW5l
Where do I put the "uid" so that when the httpd sends over the uid the ldap server will search on it?
Thank you, Mary
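
Added example (not part of any message in this thread, and not Apache's own code): a Python model of the search-then-bind lookup that the mod_authnz_ldap documentation describes, showing how the attribute after "?" in AuthLDAPURL becomes the search filter and which DN is then used for the password bind. The host ldap.example.test, the function names and the RFC 4515 escaping of the login name are assumptions made for the example; the directory entry is constructed from the one in the question.

```python
# Added example: models the search phase of mod_authnz_ldap, not Apache's code.
RFC4515 = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}

def parse_auth_ldap_url(url):
    """Split ldap://host:port/basedn?attribute?scope?filter into its parts."""
    scheme, sep, rest = url.partition("://")
    if not sep or scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    hostport, _, tail = rest.partition("/")
    base, attribute, scope, flt = (tail.split("?") + [""] * 3)[:4]
    return {
        "server": hostport,
        "base": base,
        "attribute": attribute or "uid",      # documented default
        "scope": scope or "sub",              # documented default
        "filter": flt or "(objectClass=*)",   # documented default
    }

def search_filter(cfg, username):
    """Combine filter, attribute and escaped login: (&(filter)(attr=user))."""
    inner = cfg["filter"]
    if inner.startswith("(") and inner.endswith(")"):
        inner = inner[1:-1]                   # drop one enclosing pair
    safe = "".join(RFC4515.get(ch, ch) for ch in username)
    return "(&(%s)(%s=%s))" % (inner, cfg["attribute"], safe)

def find_bind_dn(entries, cfg, username):
    """Return the DN to bind as; None unless exactly one entry matches.

    Simplified: compares the attribute value literally under the base DN
    and does not evaluate the extra filter part of the URL.
    """
    attr = cfg["attribute"].lower()
    hits = [e["dn"] for e in entries
            if e["dn"].lower().endswith(cfg["base"].lower())
            and username.lower() in (v.lower() for v in e.get(attr, []))]
    return hits[0] if len(hits) == 1 else None

# Constructed directory: the entry from the question, DN still built on cn.
ENTRIES = [{
    "dn": "cn=Christine Smith,ou=ELOGAccounts,ou=RavenApps,dc=my-domain,dc=com",
    "cn": ["Christine Smith"], "uid": ["christine"],
}]
CFG = parse_auth_ldap_url(
    "ldap://ldap.example.test:389/ou=RavenApps,dc=my-domain,dc=com?uid")

if __name__ == "__main__":
    print(search_filter(CFG, "christine"))
    print(find_bind_dn(ENTRIES, CFG, "christine"))
```

The DN returned by the search, whatever its leading RDN is, is the one the server then binds as with the password the browser supplied.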