Differences
This shows you the differences between two versions of the page.
— | linux:ubuntu:apache_ad [2019/10/31 09:05] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Allow any Active Directory user to access a folder on Apache 2.4 hosted on Linux ====== | ||
+ | When you need to protect a folder on your Apache 2.4 web server installed on a Linux system (on Ubuntu in my case), here is how you do it:First you need to enable Apache modules ' | ||
+ | < | ||
+ | sudo a2enmod authnz_ldap | ||
+ | </ | ||
+ | It will enable both modules. | ||
+ | Let's assume the following configuration: | ||
+ | AD FQDN: sub.domain.intern | ||
+ | AD server IP: 10.0.0.1 | ||
+ | AD User: ldapqueryuser | ||
+ | AD Password: ldapquerypassword Folder you want to protect is inside the default host: / | ||
+ | |||
+ | Here is the code you need to paste into Apache config file: | ||
+ | < | ||
+ | < | ||
+ | AuthLDAPBindDN " | ||
+ | AuthLDAPBindPassword " | ||
+ | AuthLDAPURL " | ||
+ | Order deny,allow | ||
+ | Allow from all | ||
+ | AuthLDAPBindAuthoritative off | ||
+ | AuthType Basic | ||
+ | AuthName "ENTER YOUR ACTIVE DIRECTORY CREDENTIALS" | ||
+ | AuthBasicProvider ldap | ||
+ | Require valid-user | ||
+ | </ | ||
+ | </ | ||
+ | You can change the folder so you can protect the whole web site, or another sub folder. AuthLDAPBindDN, | ||
+ | |||
+ | I hope this helps you more than other tutorials helpded me. For more information on how to allow certain groups or list of users, visit the [[http:// | ||
+ | |||
+ | If you plan to run a PHP script in that location, the username will be available to PHP in the $_SERVER[' | ||
+ | |||
+ | <code | Group membership> | ||
+ | AuthName "AD authentication" | ||
+ | AuthBasicProvider ldap | ||
+ | AuthType Basic | ||
+ | AuthLDAPGroupAttribute member | ||
+ | AuthLDAPGroupAttributeIsDN On | ||
+ | AuthLDAPURL ldap:// | ||
+ | AuthLDAPBindDN cn=apache-connect, | ||
+ | AuthLDAPBindPassword {password} | ||
+ | require ldap-group cn=test, | ||
+ | </ |