LDAP Group Restriction
am 16.04.2008 18:52:38 von Adrian MarshHi All,
I'm trying to see if I can restrict access to a Location, by checking to
see if a user is a member of an NT group, via LDAP. I had hoped the
below would do it, but it seems to be allowing people through who aren't
memebers of "helpdesk".
#AuthUserFile /etc/httpd/conf/localsvn
#AuthBasicProvider file ldap
AuthBasicProvider ldap
DAV svn
SVNParentPath /home/SVN
SVNIndexXSLT "/svnindex.xsl"
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "Enter your NT Credentials"
AuthLDAPURL
"ldaps://ubiq-serv1.company.local/DC=company,DC=local?sAMAcc ountName?sub?(objectClass=*)"
NONE
AuthLDAPBindDN
"CN=ldapuser,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=company,D C=local"
AuthLDAPBindPassword *****
#
#Require valid-user
Require group CN=helpdesk,OU=Distribution
Groups,OU=MyBusiness,DC=company,DC=local
#Require ldap-attribute status=active
#
AuthzSVNAccessFile /tmp/svntest
Any idea why its getting through?
Adrian