Multiple mod ldap

From D3xt3r01.tk
Jump to navigationJump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

WHY

Because I needed multiple URLs to search in. When the AD was made, people didn't take into consideration trusts and trees. You need a new apache 2.4.7 for example

HOW

#LogLevel trace8
#LDAPLibraryDebug 7
<AuthnProviderAlias ldap dlma>
        AuthLDAPURL "ldap://a.dlma.tld/OU=DLM Team A,DC=dlma,DC=tld?sAMAccountName?sub?(objectClass=user)"
        AuthLDAPBindDN ldsh@dlma.tld
        AuthLDAPBindPassword P4ssw0rd
</AuthnProviderAlias>
<AuthnProviderAlias ldap dlmb>
        AuthLDAPURL "ldap://b.dlmc.tld/OU=DLM Team B,DC=dlmb,DC=tld?sAMAccountName?sub?(objectClass=user)"
        AuthLDAPBindDN ldsh@dlmb.tld
        AuthLDAPBindPassword P4ssw0rd
</AuthnProviderAlias>
<AuthnProviderAlias ldap dlmc>
        AuthLDAPURL "ldap://c.dlmc.tld/OU=DLM Team C,DC=dlmc,DC=tld?sAMAccountName?sub?(objectClass=user)"
        AuthLDAPBindDN ldsh@dlmc.tld
        AuthLDAPBindPassword P4ssw0rd
</AuthnProviderAlias>

And I use this in the <virtualhost> container

                AuthBasicProvider dlma dlmb dlmc
                AuthType Basic
                AuthName "User ( Without the domain\\\\ Part )"
                AuthLDAPBindAuthoritative off