Monday, November 25, 2013

Apache2 LDAPS Auth config against eDirectory

Apache2 LDAPS Auth Config against eDirectory

  1. Create cert directory in apache conf directory:
    mkdir /etc/apache2/cert
  2. Download LDAP cert from eDirectory server and copy to /etc/apache2/cert:
    cp CA.b64 /etc/apache2/cert/
  3. Create config file /etc/apache2/conf.d/ldaps and add this line:
    LDAPTrustedGlobalCert CA_BASE64 "/etc/apache2/cert/CA.b64"
  4. Edit ssl config file /etc/apache2/sites-enabled/default-ssl and add these lines to protect the directory:
    Alias /phpmyadmin /usr/share/phpmyadmin/
    
    <Directory "/usr/share/phpmyadmin">
     AuthName "Access to phpMyAdmin: Login using LDAP user"
     AuthType basic
     AuthBasicProvider ldap
     AuthLDAPUrl ldaps://ldaps.server.com/ou=IT,o=company?cn
     Require ldap-user username1 username2
    </Directory>
     
  5. Restart apache2:
    service apache2 restart

References :

  • http://think.io/?p=90
  • http://archive09.linux.com/feature/120050