Howto Ldap Auth: Difference between revisions
From Pumping Station One
No edit summary |
|||
| (2 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{mbox |type=warning |text=This information is out of date. [[IT Infrastructure|Up-to-date IT information can be found here]] }} | |||
External services that authenticate users often use Ldap for authentication. | External services that authenticate users often use Ldap for authentication. | ||
| Line 74: | Line 76: | ||
ldapsearch is a handy tool that is part of open ldap. You can query some handy information out of our ldap servers as follows if you have an account to bind with: | ldapsearch is a handy tool that is part of open ldap. You can query some handy information out of our ldap servers as follows if you have an account to bind with: | ||
You may need to set LDAPTLS_REQCERT=allow before those commands. | |||
#list laser cutter certified: | #list laser cutter certified: | ||
ldapsearch | ldapsearch -v -x -H ldaps://bob.ad.pumpingstationone.org -b "DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Laser Engraver Certified" | ||
#list domain Admins | #list domain Admins | ||
ldapsearch | ldapsearch -v -x -H ldaps://bob.ad.pumpingstationone.org -b "CN=Users,DC=ad,DC=pumpingstationone,DC=org" -D "PS1\myuser" -W "CN=Domain Admins" | ||
Remember you can use space.pumpingstationone.org if it is outside PS1 network. | |||
== Apache mod_authnz_ldap == | == Apache mod_authnz_ldap == | ||
| Line 165: | Line 172: | ||
auth_ldap "AD authentication"; | auth_ldap "AD authentication"; | ||
auth_ldap_servers BOB; | auth_ldap_servers BOB; | ||
[[Category: Systems Group]] | |||
