I’m using eBox to manage my server. eBox was mind for enterprise networks, but dns and email modules are very useful for a internet server.
eBox manages email users with openLDAP (slapd), so I wanted all the services in my server to use the same authentication.
This is the general configuration for apache authenticating with eBox, wich I use for my SVN repositories:
# LDAP Authentication & Authorization is final; do not check other databases AuthzLDAPAuthoritative on # Do basic password authentication in the clear AuthType basic AuthBasicProvider ldap # The name of the protected area or "realm" AuthName "Triangulo de las merluzas Subversion Repositories" # Active Directory requires an authenticating DN to access records # This is the DN used to bind to the directory service # This is an Active Directory user account AuthLDAPBindDN "cn=admin,dc=ebox" # This is the password for the AuthLDAPBindDN user in Active Directory AuthLDAPBindPassword "secret" # Group Configuration AuthLDAPGroupAttributeIsDN off AuthLDAPGroupAttribute memberUid # The LDAP query URL AuthLDAPURL "ldap://localhost:389/ou=Users,dc=ebox?uid" # Require authentication for this Location. # In this case, only developers can use the repository. Require ldap-group cn=developers,ou=Groups,dc=ebox