Difference between revisions of "LDAP"
Infrastation (talk | contribs) m |
Infrastation (talk | contribs) m (→trusting httpd) |
||
| Line 5: | Line 5: | ||
=== trusting httpd === | === trusting httpd === | ||
| + | <pre> | ||
| + | $user_auth_src = 'httpd'; | ||
| + | $require_local_account = FALSE; | ||
| + | </pre> | ||
Revision as of 22:17, 9 June 2011
LDAP configuration and troubleshooting
There are different ways to make RackTables recognize LDAP accounts instead of local accounts. One way is to configure RackTables to communicate with an LDAP server directly. In this case both password validity and group membership information are available inside RackTables. Group membership can be used in permission rules to implement site's access control policy. Another way is to configure RackTables to trust the authentication already performed by httpd, which in turn is configured to authenticate HTTP(S) clients in LDAP. This is sometimes the case, when the system administrator wants to reuse a working httpd+mod_auth_ldap setup. The drawback of this method is that group membership information wouldn't be available at RackTables level.
direct access to LDAP
trusting httpd
$user_auth_src = 'httpd'; $require_local_account = FALSE;
