Searching child OU's for authentication

Gaddis, Jeremy L. jeremy at linuxwiz.net
Tue Feb 27 15:19:24 UTC 2007


On Tue, 27 Feb 2007, Josh Miller wrote:
> The example does not accomplish what the OP describes, as it is limited to 
> the Users OU.  The goal here is to be able to point the Apache config at a 
> Domain Controller and have it search ALL OUs and right now there is a seeming 
> limitation on a single top-level OU -- although any user object within that 
> top-level OU will work.

I changed the configuration I posted slightly from the "real" 
configuration.  In our Active Directory structure, we have an OU at 
the root-level called "Acad", therefore:

AuthLDAPURL ldap://my.domain.edu:389/cn=Acad,DC=domain,DC=edu?sAMAccountName?sub?(objectclass=*)

With this, we're able to authenticate any user "under" the Acad OU. 
There are no user objects actually *in* the Acad OU, but there are a few 
OUs under that where user objects reside.

I suppose I am not "searching all OUs" as I limit the searches to 
anything under the top-level Acad OU.

HTH,
-j

-- 
Jeremy L. Gaddis, MCP, GCWN             jeremy at linuxwiz.net
LinuxWiz Consulting                     http://linuxwiz.net
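
The following is an added example, not part of the original message or of Apache's code: it splits the AuthLDAPURL quoted above into base DN, attribute, scope and filter, then checks which user DNs fall inside that search. The sample DNs and the Students and Staff OU names are constructed, and DN comparison is simplified (case-insensitive, no escaped commas).

```python
from urllib.parse import urlsplit, unquote

# URL from the message above, on one line.
PAGE_URL = ("ldap://my.domain.edu:389/cn=Acad,DC=domain,DC=edu"
            "?sAMAccountName?sub?(objectclass=*)")

# Constructed sample entries; the Students and Staff OUs are hypothetical.
SAMPLE_DNS = [
    "CN=jdoe,OU=Students,cn=Acad,DC=domain,DC=edu",  # child OU under Acad
    "CN=asmith,OU=Staff,DC=domain,DC=edu",           # a different top-level OU
]

def parse_auth_ldap_url(url):
    """Split ldap://host:port/basedn?attribute?scope?filter into a dict."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    attribute, scope, ldap_filter = (parts.query.split("?", 2) + ["", "", ""])[:3]
    scope = scope.lower()
    if scope not in ("one", "sub"):
        scope = "sub"  # mod_authnz_ldap treats a missing or "base" scope as sub
    return {
        "host": parts.hostname,
        "port": parts.port or (636 if parts.scheme == "ldaps" else 389),
        "base": unquote(parts.path.lstrip("/")),
        "attribute": attribute or "uid",
        "scope": scope,
        "filter": ldap_filter or "(objectClass=*)",
    }

def normalize_dn(dn):
    # Simplified: lower-case each RDN; escaped commas are not handled.
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]

def in_scope(user_dn, base_dn, scope):
    """True if user_dn is reachable from base_dn with scope 'one' or 'sub'."""
    user, base = normalize_dn(user_dn), normalize_dn(base_dn)
    depth = len(user) - len(base)          # levels below the search base
    if depth < 0 or user[depth:] != base:  # not under the base at all
        return False
    return depth == 1 if scope == "one" else True

def covered(url, dns):
    """Return the DNs that a search built from this AuthLDAPURL can find."""
    cfg = parse_auth_ldap_url(url)
    return [dn for dn in dns if in_scope(dn, cfg["base"], cfg["scope"])]

if __name__ == "__main__":
    print(parse_auth_ldap_url(PAGE_URL))
    print(covered(PAGE_URL, SAMPLE_DNS))
```

With the `sub` scope the entry in the child OU is found; the entry outside the Acad base is not, whatever the scope.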




