Configuring User Home Directories using Native Linux file system on the same server.

  • 7006755
  • 30-Aug-2010
  • 27-Apr-2012

Environment

Novell Open Enterprise Server 2 (OES 2) Linux
SUSE Linux Enterprise Server 10 Service Pack 3

Situation

- Apache setup:
The browser URL for the home directory users will be http://server-ip-address/~username
Create a .conf file with the directives below under /etc/apache2/conf.d   - it could be named "HomeDir.conf" for example.
This example uses the "UserDir" directive to set the path and directory for all of the home directory users. ie. /home/<directory of user>/public_html
The asterisk ( * ) symbol is a place holder for any home directory user in that path.
Restart apache when changes are made to the .conf file, using the command "rcapache2 restart"

UserDir public_html
<Directory "/home/*/public_html">
  Options Indexes Multiviews
  AllowOverride None
  Order deny,allow
  Allow from all
</Directory>

- Apache set up with basic authentication:
See the information for the Apache setup above, and then review the following items...

An LDAP Group can be used using the "Require ldap-group" directive can be uncommented out and "Require valid-user" can be commented out (see apache directives below). 
Also, if using this option, set the "AuthBasicAuthoritative and AuthzLDAPAuthoritative off" to "On" instead of "off".
When using "Require ldap-group" the group and users need to be LUM enabled.

A list of apache modules used in this example configuration is given here. Add missing modules for basic LDAP authentication in the /etc/sysconfig/apache2 file. APACHE_MODULES="actions alias auth_basic ldap authnz_ldap authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5 proxy proxy_ajp"

When using basic authentication, go to LDAP | LDAP Options | LDAP Group | "Require TLS for Simple Binds with Password", UN-check that box and apply the change.

Restart apache when changes are made to the .conf file or the apache2 file, using the command "rcapache2 restart"

UserDir public_html
<Directory "/home/*/public_html">
  Options Indexes Multiviews
  AllowOverride None
  Order deny,allow
  Allow from all
  AuthType Basic
  AuthName "Protected"
  Require valid-user
  #Require ldap-group cn=Group1, o=novell
  AuthBasicAuthoritative off
  AuthzLDAPAuthoritative off
  AuthBasicProvider ldap
  AuthLDAPURL ldap://151.155.131.44/o=novell?uid
</Directory>

Additional Information

and
Configuring User Home Directories on Linux using an NSS volume on the same server.
https://support.microfocus.com/kb/doc.php?id=7006707&sliceId=1&docTypeID=DT_TID_1_1&dialogID=164642894&stateId=0%200%20164644559

Also:
To redirect to SSL at the browser, the following directives can be used "as is" and put at the bottom of the newly created .conf file.

##redirect to SSL
<VirtualHost _default_:80>
RewriteEngine On
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [L,R]
</VirtualHost>

Feedback service temporarily unavailable. For content questions or problems, please contact Support.