[hobbit] securing access Active Directory

John A. Milburn JohnAMilburn at hotmail.com
Wed Apr 20 01:11:27 CEST 2005


----- Original Message ----- 
From: "Andy France" <Andy at zespri.com>
To: <hobbit at hswn.dk>
Sent: Tuesday, April 19, 2005 4:53 PM
Subject: RE: [hobbit] securing access Active Directory


>
>
>
>
>
>
> Hi John,
>
>
> "Milburn, John A." wrote on 15/04/2005 07:18:37:
>
> > This worked for Windows 2000. It also worked for Windows  2003 if
> > the search base was not the root of the domain.
> >
> > I found that if you authenticate against a Global  Catalogue, it
> > works for both.
> >
> >
> > #Directory for Hobbit maintenance
> > ScriptAlias  /hobbit-seccgi/ "/usr/local/hobbit/cgi-secure/"
> > <Directory  /usr/local/hobbit/cgi-secure>
> >    AllowOverride  None
> > Â Â Â Options ExecCGI Â Includes
> > Â Â Â Order allow,deny
> >    Allow from  all
> > Â Â Â AuthAuthoritative On
> > Â Â Â Â AuthLDAPCompareDNOnServer on
> > Â Â Â AuthLDAPURL ldap://gc1.mydomain.com:3268/DC=mydomain,DC=com?
> > sAMAccountName?sub?(objectClass=user)
> > Â Â Â Â AuthLDAPBindDN CN=HobbitUser,CN=Users,DC=mydomain,DC=com
> > Â Â Â Â AuthLDAPBindPassword HobbitUserPassword
> >    AuthType  Basic
> >    AuthName "Enter your Windows logon  name/Password"
> >    require group  CN=HobbitManagers,OU=Managers,DC=mydomain,DC=com
> > </Directory>
> >
> > Setting "AuthAuthoritative Off" should allow other modules  to
> > authenticate users if ldap fails. I haven't tried this  yet.
>
>
> I've modified this to match my own AD configuration, but I'm still not
> having any luck :-(
>
> My apache install includes the ldap_module.so and auth_ldap_module.so
files
> - should these work OK by themselves, or do I need to install further
> OpenLDAP libraries? Â Running ldd on these files doesn't indicate any
> special requirements.
>

I don't know of any dependencies. I do have the OpenLDAP libraries
installed.
I am using Fedora Core 3 fully updated. Almost everything was installed,
since I am not that good with Linux.




More information about the Xymon mailing list