Changes between Version 102 and Version 103 of TracModPython

Timestamp:

Apr 19, 2007, 2:18:16 AM (17 years ago)

Author:

hudsonfas@…

Comment:

Comment on Microsoft Windows 2003/Server Active Directory

TracModPython

@@ -53 +53 @@
 
 Configuration for mod_ldap authentication in Apache is a bit tricky (httpd 2.2.x and OpenLDAP: slapd 2.3.19)
+
+1. You need to load the following modules in Apache httpd.conf
+{{{
+LoadModule ldap_module modules/mod_ldap.so
+LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
+}}}
+
+2. Your httpd.conf also needs to look something like:
 
 {{{
@@ -71 +79 @@
 </Location>
 }}}
+
+Or the LDAP interface to a Microsoft Active Directory:
+
+{{{
+<Location /trac/>
+  SetHandler mod_python
+  PythonHandler trac.web.modpython_frontend
+  PythonOption TracEnv /home/trac/
+  PythonOption TracUriRoot /trac/
+  Order deny,allow
+  Deny from all
+  Allow from 192.168.11.0/24
+  AuthType Basic
+  AuthName "Trac"
+  AuthBasicProvider "ldap"
+  AuthLDAPURL "ldap://adserver.company.com:3268/DC=ad,DC=company,DC=com?sAMAccountName?sub?(objectClass=user)"
+  authzldapauthoritative Off
+  require valid-user
+</Location>
+}}}
+
+PS: This is the case where the LDAP search will get around the multiple OUs, conecting to Global Catalog Server portion of AD. The GCS is basically a "flattened" tree which allows searching for a user without knowing to which OU they belong. Notice the port is 3268, not the normal LDAP 389. 
+
 
 === Setting the !PythonPath ===