Tuesday, January 6, 2015


I decided to create an OpenLDAP server[1] for my research group to serve as the central storage for member information (POSIX generic account). This server will be used to authenticate users when they access certain services that should be available to group members only. The group's wiki seems like a good candidate to test the setup.
First, enable LDAP related apache modules.

sudo a2enmod ldap authnz-ldap
Next, edit /etc/apache2/apache2.conf to add the following:
        AuthType Basic
        AuthName "This site is for SRG members only. Please use your SRG NetId credentials to access this site."
        AuthBasicProvider ldap
        #AuthzLDAPAuthoritative on
        AuthLDAPURL "ldap://[your ldap server ip addess]:389/dc=srg,dc=ics,dc=uplb,dc=edu,dc=ph?uid"
        AuthLDAPBindDN "cn=admin,dc=srg,dc=ics,dc=uplb,dc=edu,dc=ph"
        AuthLDAPBindPassword [your admin password]
        Require valid-user
Finally, restart apache.
sudo service restart apache2