[Auth_ldap] validating against several ldap servers

Jeremy Childs jeremyc at ssimicro.com
Thu Dec 29 08:25:02 PST 2005


It might also be possible to set a custom error page in apache that, 
upon failure against the first domain, will redirect to a different 
location which will try against the second domain.

There might be a couple of wrinkles to work out (keeping the browser 
from asking for credentials twice for example). It's worth a little 
research, methinks.

Shawn wrote:

>What I've had to do is create an entirely new AuthLDAP module patch
>(such as XtraLDAP) which has separate directives and apache hooks.
>
>I essentially re-did some work that a co-worker did here at for internal
>use here, so it wasn't my idea.
>
>If you really want to take on such a thing I may have a patch to dig up.
>
>On Fri, 2005-12-02 at 15:55 +0100, daniel parkes wrote:
>  
>
>>Hi people, I have a question!
>> 
>>What I have right now is:
>> 
>>internet----------------------apache-reverse-proxy----------SPS servers
>>                                    |
>>                                    |
>>                          AD free domain
>> 
>> 
>>The proxy has AuthType Basic and looks up the user via LDAP in a
>>Windows AD domain. What I need now is for the reverse proxy to
>>validate users from several domains, not only one as it does now. Does
>>anybody know how you can make the auth_ldap mod connect to several AD
>>servers to validate a user?
>> 
>> 
>>So I could have something like:
>> 
>> 
>>                             AD second domain
>>                                    |
>>                                    |
>>internet----------------------apache-reverse-proxy----------SPS servers
>>                                    |                        |
>>                                    |                        |
>>                          AD free domain                     |
>>                                                      AD third domain
>> 
>>The reverse proxy has this proxy configuration:
>> 
>>AuthAuthoritative Off
>>AuthName "Staff only"
>>AuthType Basic
>>LDAP_Debug On
>>LDAP_Server 172.
>>LDAP_Port 389
>>Base_DN ""
>>Bind_DN ""
>>Bind_Pass ""
>>UID_Attr cn
>>require valid-user
>></Proxy>
>>
>>
>>_______________________________________________
>>Auth_ldap mailing list
>>Auth_ldap at rudedog.org
>>http://www.rudedog.org/mailman/listinfo/auth_ldap
>
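
An added example, not part of the original thread and not code from any poster: on Apache httpd 2.4 the goal described above (Basic auth on a reverse proxy, validated against several AD domains) can be met with stock mod_authnz_ldap and one `<AuthnProviderAlias>` per domain, which is a different technique from both the error-page redirect and the separate-module patch mentioned in the thread. All host names, DNs, the bind account and the alias names are constructed placeholders.

```apache
# Added example. Assumes httpd 2.4 with mod_ldap, mod_authnz_ldap,
# mod_authn_core, mod_auth_basic and mod_proxy loaded.
# Every host, DN, account and alias name below is a constructed placeholder.

# One authentication provider per AD domain (server-config scope only).
# ldaps:// protects the user's Basic-auth password on the hop from the
# proxy to each domain controller; plain ldap:// on 389 would expose it.
<AuthnProviderAlias ldap ad-first>
    AuthLDAPURL "ldaps://dc1.first.example.com:636/DC=first,DC=example,DC=com?sAMAccountName?sub?(objectClass=user)"
    AuthLDAPBindDN "CN=svc-apache,OU=Service Accounts,DC=first,DC=example,DC=com"
    AuthLDAPBindPassword "REPLACE_WITH_SECRET"
</AuthnProviderAlias>

<AuthnProviderAlias ldap ad-second>
    AuthLDAPURL "ldaps://dc1.second.example.com:636/DC=second,DC=example,DC=com?sAMAccountName?sub?(objectClass=user)"
    AuthLDAPBindDN "CN=svc-apache,OU=Service Accounts,DC=second,DC=example,DC=com"
    AuthLDAPBindPassword "REPLACE_WITH_SECRET"
</AuthnProviderAlias>

<Proxy "*">
    AuthType Basic
    AuthName "Staff only"

    # Providers are consulted in the order listed. With the default
    # "AuthLDAPBindAuthoritative On", the next provider is tried only when
    # the user name is NOT FOUND in the earlier directory. A wrong password
    # for a user who was found is a final denial, so one login attempt does
    # not produce failed binds (and lockout counts) in every domain.
    AuthBasicProvider ad-first ad-second

    Require valid-user
</Proxy>

# Use a read-only, least-privilege bind account per domain, and keep this
# file readable only by root, because it holds the bind passwords.
```

Because lookup stops at the first domain that contains the user name, an account name that exists in more than one domain always resolves to the earliest provider in the list; order the aliases accordingly.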



