configure apache

Apache Active Directory Authentication

Overview

This tutorial provides an example of Apache Active Directory Authentication using the Authz LDAP module.
Apache and SSL settings are not in the scope of this tutorial.

Apache Active Directory Authentication

Install authz module

In CentOS use the following command:

yum install -y mod_authz_ldap

configure Apache Active Directory Authentication

Edit your location directive in httpd.conf and add the following:

    #For SSL connection remove the comment from the following line
    #SSLRequireSSL

    AuthType basic
    AuthName "My Repository"
    AuthBasicProvider ldap
    AuthLDAPURL "ldap://domain.com:3268/dc=domain,dc=com?sAMAccountName" NONE
    #AuthLDAPBindDN - UPPER CASE DOMAIN
    AuthLDAPBindDN "account@DOMAIN.COM"
    AuthLDAPBindPassword "password"
    Require valid-user
    
    ...

– You can place the “Auth” directive in any httpd block.

Access rules

You can use Active Directory objects to limit access for a specific user or group.

allow access for a specific user:

replace the “Require valid-user” directive with:

Require ldap-user "username"

allow access for a specific group:

replace the “Require valid-user” directive with:

Require ldap-group CN=UsersOU,DC=Domain,DC=com

10 thoughts on “Apache Active Directory Authentication

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.