Apache2 ldap auth on Ubuntu Dapper and Feisty

0
951

As part of our internal office systems upgrade we have a shiny new LDAP server which we like to use as much as possible. One of the things we use it for is Apache user auth, mainly we control SVN with it so people can only commit to the projects they’re allowed to but we also use it so secure our system’s services from the developers that like to play wannabe sysadmin!

Unfortunately we are running several different flavors of Ubuntu in the office with slightly different Apache2 versions and thus LDAP requirements!

Ubuntu Dapper Drake (Apache 2.0)


AuthType basic
AuthName "BackupPC admin"
AuthLDAPUrl ldap://ldap-server:389/ou=people,dc=domain,dc=com?uid?sub
AuthLDAPGroupAttributeIsDN off
AuthLDAPEnabled on
Require group cn=systems,ou=groups,dc=domain,dc=com
AuthLDAPGroupAttribute memberUid

Ubuntu Feisty Fawn (Apache 2.22)


AuthType Basic
AuthName "SVN Repository"
AuthLDAPUrl ldap://ldap-server:389/ou=people,dc=domain,dc=com?uid?sub
AuthzLDAPAuthoritative On
AuthBasicProvider ldap
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
Require ldap-group cn=developers,ou=groups,dc=domain,dc=com

Obviously you have to make sure you have the right LDAP modules enabled for each version of Apache2 but that’s all that is required to force Apache2 to authenticate against an LDAP group!

SHARE
Previous articleUbuntu and webcams
Next articleRestoring Vista personal folders
Hi, I'm Rus and after 10 years of Linux administration and software development, in September 2014 I quit my day job, sold all my stuff and moved to Thailand to live the good life. My new website, http://www.ruspow.com shows how I'm making money online as well as what life can be like when you're not sat behind a desk and are free to make your own decisions!