HTTPD + mod_auth_? for windows on RHEL5? (was RE: How to authenticate apache against AD? PAM?)

Barry Brimer lists at brimer.org
Mon Mar 2 23:08:12 UTC 2009 

LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

...

LDAPSharedCacheSize 200000
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600
LDAPTrustedGlobalCert CA_BASE64 /etc/pki/tls/certs/root_ca_full.pem
LDAPTrustedMode SSL


...

VirtualHost x.x.x.x:x>
<Location />
AuthLDAPURL
ldaps://ldap1.example.com,ldap2.example.com,ldap3.example.com/dc=example,dc=com?sAMAccountName?sub?(objectClass=User)
AuthLDAPBindDN cn=sypadl,dc=example,dc=com
AuthLDAPBindPassword topsecret
AuthzLDAPAuthoritative on
AuthType Basic
AuthName "Private"
AuthBasicProvider ldap
Require ldap-group CN=Group1,OU=Groups-Global,DC=example,DC=com
Require ldap-group CN=Group2,OU=Groups-Global,DC=example,DC=com
</Location>
</VirtualHost>
Quoting "Furnish, Trever G" <TGFurnish at herffjones.com>:

> Anyone?  Anyone?  Anyone?  :-)
>
> > -----Original Message-----
> > From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> > bounces at redhat.com] On Behalf Of Furnish, Trever G
> > Sent: Monday, March 02, 2009 12:59 PM
> > To: General Red Hat Linux discussion list
> > Subject: How to authenticate apache against AD? PAM?
> >
> > Just thought I'd poll the list and see how's everyone managing to
> > authenticate against active directory for Apache sites on RHEL5?
> >
> > I have a RHEL3 system that I want to migrate to RHEL5, and on the
> RHEL3
> > system I've been mostly happy using "Pamacea", which allows Apache to
> > authenticate using PAM (as in /etc/pam.d), so that I can just use
> > RHEL3's built-in SMB authentication hooks from a pam module.  I don't
> > know that Pamacea will work with the later version of Apache on
> RHEL5.3
> > -- haven't made the attempt yet, but it doesn't look like it's been
> > updated in several years -- so I thought I'd just ask how everyone
> else
> > is doing that these days.
> >
> > --
> > Trever Furnish, tgfurnish at herffjones.com
> > Herff Jones, Inc. Unix / Network Administrator
> > Phone: 317.612.3519
> > Any sufficiently advanced technology is indistinguishable from Unix.
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
> !DSPAM:49ac6203261111361364286!
>
>

More information about the redhat-list mailing list