?
Solved

Using LDAP to update .htpasswd

Posted on 2005-04-12
7
Medium Priority
?
447 Views
Last Modified: 2012-05-05
I run a Windows Server 2003 box locally and want to be able to update the .htpasswd files on a remotely hosted apache server running on a linux box.  I have no access to the linux box, but can usually get the company to do pretty much anything I need as long as it only effects me.

Any ideas on how to either use my Active Directory for the remote authentication or to update .htpasswd from my Active Directory?  Perhaps using php and LDAP??

Thanks in advance.
0
Comment
Question by:Eriador
  • 2
  • 2
5 Comments
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13770901
something like following in your .htaccess:

   AuthName "confidential data"
   AuthType Basic
   #
   # following most likely not working
   #AuthLDAPUrl ldap://ldap.xxx.xxxxx.xxx/OU=Departments,OU=xxxxxxxx,DC=ad,DC=xxx,DC=xxxxx,DC=xxx?sAMAccountName?sub?(objectclass=person)
   # --- openldap
   AuthLDAPHosts "FQDN"
   AuthLDAPBindDN "cn=Manager,...,dc=xxx-xxx,dc=de"
   AuthLDAPBindPassword password
   AuthLDAPBaseDN "..,dc=xxx,dc=xxx-xxx,dc=de"
   #
   AuthLDAPSearchScope subtree
   AuthLDAPUserKey uid
   AuthLDAPPassKey userPassword
   #
   # --- Base64 encodced
   AuthLDAPSchemePrefix off
   #
   <Limit GET POST>
        require valid-user
   </Limit>

you have to decide yourself if you can use LDAPUrl or need to use the parts of it with LDAPHost, LDAPBindDN, etc.
0
 

Author Comment

by:Eriador
ID: 13773941
It would appear that my host does not have PerLDAP installed and does not intend to install it.  Any other ideas?
0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 13776661
> PerLDAP
is this a typo?

If you apache does not support LDAP, then you need to update your .htpasswd with the proper passwords which is not simple (except they are  stored plain text in AD, hopefully not).
You cannot decrypt the password, hence you need to know the plain text of it, otherwise there is no way.
IIRC .htaccess can be tweaked to use external programs for authentication, but never have done it myself, so can't help there.
0
 

Author Comment

by:Eriador
ID: 13952917
Sorry.  Was out of pocket for a little while.

PerLDAP was not a typo, it is the perl LDAP module for Apache (the one I found anyway).  I have since found a module that I was able to install though SSH, but only on my account (I'm on a shared server).  This would work just fine in any other instance, but it will not update htpasswd.  I guess the only option here is to come up with a script that will retreive the passwords via LDAP (I am storing them in a reversable encryption), then write them to .htpasswd with server-side scripting (eg. PHP).  Any thoughts on this?

Thanks.
0
 

Accepted Solution

by:
modulo earned 0 total points
ID: 14198035
PAQed with points refunded (250)

modulo
Community Support Moderator
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
As Wikipedia explains 'robots.txt' as -- the robot exclusion standard, also known as the Robots Exclusion Protocol or robots.txt protocol, is a convention to prevent cooperating web spiders and other web robots from accessing all or part of a websit…
Are you ready to place your question in front of subject-matter experts for more timely responses? With the release of Priority Question, Premium Members, Team Accounts and Qualified Experts can now identify the emergent level of their issue, signal…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Suggested Courses
Course of the Month14 days, 23 hours left to enroll

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question