Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Authenticate Apache 2 using Mac OS X Open Directory' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Authenticate Apache 2 using Mac OS X Open Directory
Authored by: tfe on Jan 17, '10 03:28:58AM
This method no longer works with Snow Leopard Server's OpenDirectory. To make it work use the following setup:
AuthType Basic
AuthName "test"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off		# Allows fall back to other authentication methods
AuthLDAPGroupAttributeIsDN off		# To match OpenDirectory's schema
AuthLDAPURL ldap://<server>/dc=search,dc=base
AuthLDAPGroupAttribute memberUid	# Magic happens here - defines how members are stored in a group
Require ldap-group cn=group,cn=groups,dc=search,dc=base
Note: This setup will use an anonymous bind to the directory, you don't have to store a clear text password in the config. (OpenDirectory must be configured to allow anonymous binds) Replace dc=search,dc=base with your search base and replace <server> with your actual server's IP.

[ Reply to This | # ]