Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

Use of assignment to $[ is deprecated at /usr/local/sbin/apxs line 86. , wwwxxx vim, mysql closing table and opening table, 800c5000, setgid operation not permitted, pciehp: acpi_pciehprm on IBM, WWWXXX.DBF, 078274121, info0a ip, should prodicers of software_based services be held liable or not liable for economic injuries

Links

XODOX
Impressum

#1: LDAP Group Restriction

Posted on 2008-04-16 18:52:38 by Adrian Marsh

Hi All,

I'm trying to see if I can restrict access to a Location, by checking to
see if a user is a member of an NT group, via LDAP. I had hoped the
below would do it, but it seems to be allowing people through who aren't
memebers of "helpdesk".

<Location "/svn">
#AuthUserFile /etc/httpd/conf/localsvn
#AuthBasicProvider file ldap
AuthBasicProvider ldap
DAV svn
SVNParentPath /home/SVN
SVNIndexXSLT "/svnindex.xsl"
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "Enter your NT Credentials"
AuthLDAPURL
"ldaps://ubiq-serv1.company.local/DC=company,DC=local?sAMAcc ountName?sub?(objectClass=*)"
NONE
AuthLDAPBindDN
"CN=ldapuser,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=company,D C=local"
AuthLDAPBindPassword *****
#<LimitExcept GET PROPFIND OPTIONS REPORT>
#Require valid-user
Require group CN=helpdesk,OU=Distribution
Groups,OU=MyBusiness,DC=company,DC=local
#Require ldap-attribute status=active
#</LimitExcept>
AuthzSVNAccessFile /tmp/svntest
</Location>

Any idea why its getting through?

Adrian

Report this message