Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

www.webdp.net, Event 9 IIS log failed to write entry, wwwxxx jeffs, Catastrophic failure Unexpected method call sequence. 0x8000ffff (-2147418113)., ksh lock a file, [unixODBC][Driver Manager]Driver's SQLAllocHandle on SQL_HANDLE_DBC failed, sed: -e expression #1, char 1: unterminated address regex, procmail + change subject, w2ksp4.exe download, /proc/kallsyms format

Links

XODOX
Impressum

#1: LDAP Group Restriction

Posted on 2008-04-16 18:52:38 by Adrian Marsh

Hi All,

I'm trying to see if I can restrict access to a Location, by checking to
see if a user is a member of an NT group, via LDAP. I had hoped the
below would do it, but it seems to be allowing people through who aren't
memebers of "helpdesk".

<Location "/svn">
#AuthUserFile /etc/httpd/conf/localsvn
#AuthBasicProvider file ldap
AuthBasicProvider ldap
DAV svn
SVNParentPath /home/SVN
SVNIndexXSLT "/svnindex.xsl"
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "Enter your NT Credentials"
AuthLDAPURL
"ldaps://ubiq-serv1.company.local/DC=company,DC=local?sAMAcc ountName?sub?(objectClass=*)"
NONE
AuthLDAPBindDN
"CN=ldapuser,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=company,D C=local"
AuthLDAPBindPassword *****
#<LimitExcept GET PROPFIND OPTIONS REPORT>
#Require valid-user
Require group CN=helpdesk,OU=Distribution
Groups,OU=MyBusiness,DC=company,DC=local
#Require ldap-attribute status=active
#</LimitExcept>
AuthzSVNAccessFile /tmp/svntest
</Location>

Any idea why its getting through?

Adrian

Report this message