Results 1 to 2 of 2

Thread: how to authenticate with ldap using mod_authz_ldap

  1. #1
    artimus is offline Active Member
    Join Date
    Jul 2007
    Posts
    29
    Rep Power
    8

    Default how to authenticate with ldap using mod_authz_ldap

    Hello,

    I have a running zimbra server, and would like to make another sever authenticate against ldap. It is apache using mod_authz_ldap

    here is my .htaccess file. It pops up and asks me for my login info, but I cannot seem to log in no matter what i do. I suspect i'm not configuring this correctly.
    I am especially unsure about my use of AuthzLDAPRoleAttributeName.

    Code:
    AuthzLDAPEngine on
    
    AuthzLDAPServer zimbra.mydomain.com
    AuthzLDAPUserBase dc=mydomain,dc=com
    AuthzLDAPUserKey uid
    AuthzLDAPUserScope base
    AuthzLDAPRoleAttributeName mail
    
    AuthType basic
    AuthName "Login Required"
    require valid-user
    And I suppose the next question would be, do I have to use a BindDN to authenticate. I know thunderbird doesn't need it for the address book.

  2. #2
    jefft@iri.columbia.edu is offline Senior Member
    Join Date
    Aug 2007
    Location
    New York
    Posts
    56
    Rep Power
    8

    Default ldap

    I haven't used mod_authz_ldap, just mod_ldap, but ...

    You should either change AuthzLDAPUserScope to subtree or change the AuthzLDAPUserBase to ou=people,dc=mydomain,dc=com

    You won't have to bind to the server and you shouldn't need to use the Role. This would be used in case you wanted a subset of your users to have access to the secured resource. For example, you could tell a subset of users to set one of their contact fields (postalcode for example) to 12345. Then you would do this:

    AuthzLDAPRoleAttributeName postalCode
    require role 12345

    I think this should do it.

    AuthzLDAPEngine on

    AuthzLDAPServer zimbra.mydomain.com
    AuthzLDAPUserBase dc=mydomain,dc=com
    AuthzLDAPUserKey uid
    AuthzLDAPUserScope subtree

    AuthType basic
    AuthName "Login Required"
    require valid-user

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  2. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM
  3. External LDAP Problem
    By facerw in forum Installation
    Replies: 7
    Last Post: 05-08-2007, 04:29 AM
  4. Mac OSX install: Java errors & LDAP CA error
    By jefbear in forum Installation
    Replies: 9
    Last Post: 12-16-2006, 03:39 PM
  5. Replies: 4
    Last Post: 11-15-2006, 12:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •