As part of our internal office systems upgrade we have a shiny new LDAP server which we like to use as much as possible. One of the things we use it for is Apache user auth, mainly we control SVN with it so people can only commit to the projects they’re allowed to but we also use it so secure our system’s services from the developers that like to play wannabe sysadmin!
Unfortunately we are running several different flavors of Ubuntu in the office with slightly different Apache2 versions and thus LDAP requirements!
Ubuntu Dapper Drake (Apache 2.0)
AuthName "BackupPC admin"
Require group cn=systems,ou=groups,dc=domain,dc=com
Ubuntu Feisty Fawn (Apache 2.22)
AuthName "SVN Repository"
Require ldap-group cn=developers,ou=groups,dc=domain,dc=com
Obviously you have to make sure you have the right LDAP modules enabled for each version of Apache2 but that’s all that is required to force Apache2 to authenticate against an LDAP group!