Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ##
- ## Apache configuration for LDAP authentication against Active Directory
- ## and against a local .htpasswd file, via SSL. Also pulls in all memberOf
- ## attributes and shoves them in the environment under AUTHENTICATE_MEMBEROF
- ## for applications to use later, if necessary
- ##
- LDAPSharedCacheSize 500000
- LDAPCacheEntries 2048
- LDAPCacheTTL 600
- LDAPOpCacheEntries 2048
- LDAPOpCacheTTL 600
- <VirtualHost _default_:443>
- SSLEngine On
- <FilesMatch '^\.[Dd][Ss]_[Ss]'>
- Order allow,deny
- Deny from all
- </FilesMatch>
- <FilesMatch '\.[Dd][Bb]'>
- Order allow,deny
- Deny from all
- </FilesMatch>
- <Location /repos>
- <Limit>
- AuthType Basic
- AuthName svn.innotrac.com
- AuthBasicProvider file ldap
- AuthzLDAPAuthoritative off
- AuthUserFile /nfs/subversion/.htpasswd
- AuthLDAPGroupAttributeIsDN on
- AuthLDAPRemoteUserAttribute sAMAccountName
- AuthLDAPGroupAttribute member
- AuthLDAPBindDN BIND_DN
- AuthLDAPBindPassword BIND_PW
- AuthLDAPUrl "ldap://servername.server.com:3268/dc=company,dc=com?sAMAccountName,memberOf?sub?(|(objectClass=person)(objectClass=user))(!(userAccountControl:1.2.840.113556.1.4.803:=2))" NONE
- # for .htpasswd
- require valid-user
- # for LDAP
- Require ldap-group CN=subversion,OU=groups,OU=unix,DC=company,DC=com
- </Limit>
- </Location>
- <VirtualHost>
Advertisement
