View | Details | Raw Unified | Return to bug 41962
Collapse All | Expand All

(-)mod_auth_ldap.xml (+59 lines)
Lines 168-173 Link Here
168
        with during the search phase.</td>
168
        with during the search phase.</td>
169
      </tr>
169
      </tr>
170
    </table>
170
    </table>
171
172
    <p>Alternatively if the LDAP server is an Active Directory server then 
173
    it is possible to do authentication using the domain account and binding
174
    with that.  A successful bind connection means the account is 
175
    authenticated.  This is enabled by using the following directives</p>
176
177
    <table>
178
      <columnspec><column width=".3"/><column width=".7"/></columnspec>
179
      <tr>
180
        <td><directive module="mod_auth_ldap">AuthLDAPADAuthByBind</directive></td>
181
182
        <td>Needs to be set to <code>On</code> to be enabled and authenticates
183
        to the LDAP server set by the <directive>AuthLDAPURL</directive>
184
        directive.</td>
185
      </tr>
186
187
      <tr>
188
        <td><directive module="mod_auth_ldap">AuthLDAPADBindDomain</directive></td>
189
190
        <td>Specifies the Active Directory domain to authenticate with.</td>
191
      </tr>
192
    </table>
193
171
</section>
194
</section>
172
195
173
<section id="authorphase"><title>The Authorization
196
<section id="authorphase"><title>The Authorization
Lines 575-580 Link Here
575
</section>
598
</section>
576
599
577
<directivesynopsis>
600
<directivesynopsis>
601
<name>AuthLDAPADAuthByBind</name>
602
<description>Uses an Active Directory domain account details to bind to an
603
Active Directory server.</description>
604
<syntax>AuthLDAPADAuthByBind on|off</syntax>
605
<default>AuthLDAPADAuthByBind off</default>
606
<contextlist><context>directory</context><context>.htaccess</context>
607
</contextlist>
608
<override>AuthConfig</override>
609
610
<usage>
611
    <p>Set to <code>on</code> if this module should authenticate by binding
612
    to an Active Directory with user's domain credentials (not standard LDAP).  
613
    A successful bind connection means that the user has been authenticated.  
614
    Note that this does not interfere with the use of the 
615
    <directive>AuthLDAPBindDN</directive> and 
616
    <directive>AuthLDAPBindPassword</directive> directives during the 
617
    authorization phase.</p>
618
</usage>
619
</directivesynopsis>
620
621
<directivesynopsis>
622
<name>AuthLDAPADBindDomain</name>
623
<description>Sets the Active Directory domain to be used during the 
624
<directive>AuthLDAPADAuthByBind</directive> authentication.</description>
625
<syntax>AuthLDAPADBindDomain <em>domain</em></syntax>
626
<contextlist><context>directory</context><context>.htaccess</context>
627
</contextlist>
628
<override>AuthConfig</override>
629
630
<usage>
631
    <p>Set the Active Directory domain to authenticate with.</p> 
632
</usage>
633
</directivesynopsis>
634
635
636
<directivesynopsis>
578
<name>AuthLDAPAuthoritative</name>
637
<name>AuthLDAPAuthoritative</name>
579
<description>Prevent other authentication modules from
638
<description>Prevent other authentication modules from
580
authenticating the user if this one fails</description>
639
authenticating the user if this one fails</description>

Return to bug 41962