There are (at least) two Apache 2.0 modules that allow ldap authentication against ldap. This is of course not unusual. It is unusual that they have the same name. It would have saved me a lot of time if I’d read a post like this one before attempting to configure Apache’s mod_auth_ldap from an example that used Muhammad Muquit’s mod_auth_ldap.
Redhat AS4 and FC5 ship with Apache’s mod_auth_ldap.
Muhammad’s mod_auth_ldap seems to provide a few more options, notably ldap debugging.
Details here:
- mod_auth_ldap that ships with Apache 2.0 and
- mod_auth_ldap from Muhammad Muquit
The syntax is different. The basic functionality is the same. Muhammad’s module seems a little more configurable. They both work fine. Here are examples of each:
Muhammad’s mod_auth_ldap:
# ...
AuthType Basic
LDAP_Debug On
LDAP_Port 389
Base_DN "dc=morganjones,dc=org"
LDAP_Protocol_Version 3
LDAP_Server ldap.morganjones.org
LDAP_Port 389
# I have not tried require valid-user with Muhammad's mod_auth_ldap but
# I surmise it will work.
# I have seen require user work like this:
# require user user1 user2 user3
require valid-user
Apache’s mod_auth_ldap:
# ...
AuthLDAPURL ldap://ldap.morganjones.org/dc=morganjones,dc=org
Require valid-user