Environment
Novell Open Enterprise Server 2 (OES 2) Linux
SUSE Linux Enterprise Server 10 Service Pack 3
SUSE Linux Enterprise Server 10 Service Pack 3
Situation
- Apache setup:
The browser URL for the home directory users will be http://server-ip-address/~username
Create a .conf file with the directives below under /etc/apache2/conf.d - it could be named "HomeDir.conf" for example.
This example uses the "UserDir" directive to set the path and directory for all of the home directory users. ie. /home/<directory of user>/public_html
The asterisk ( * ) symbol is a place holder for any home directory user in that path.
Restart apache when changes are made to the .conf file, using the command "rcapache2 restart"
UserDir public_html
<Directory "/home/*/public_html">
Options Indexes Multiviews
AllowOverride None
Order deny,allow
Allow from all
</Directory>
- Apache set up with basic authentication:
See the information for the Apache setup above, and then review the following items...
An LDAP Group can be used using the "Require ldap-group" directive can be uncommented out and "Require valid-user" can be commented out (see apache directives below).
Also, if using this option, set the "AuthBasicAuthoritative and AuthzLDAPAuthoritative off" to "On" instead of "off".
When using "Require ldap-group" the group and users need to be LUM enabled.
A list of apache modules used in this example configuration is given here. Add missing modules for basic LDAP authentication in the /etc/sysconfig/apache2 file. APACHE_MODULES="actions alias auth_basic ldap authnz_ldap authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5 proxy proxy_ajp"
When using basic authentication, go to LDAP | LDAP Options | LDAP Group | "Require TLS for Simple Binds with Password", UN-check that box and apply the change.
Restart apache when changes are made to the .conf file or the apache2 file, using the command "rcapache2 restart"
UserDir public_html
<Directory "/home/*/public_html">
Options Indexes Multiviews
AllowOverride None
Order deny,allow
Allow from all
AuthType Basic
AuthName "Protected"
Require valid-user
#Require ldap-group cn=Group1, o=novell
AuthBasicAuthoritative off
AuthzLDAPAuthoritative off
AuthBasicProvider ldap
AuthLDAPURL ldap://151.155.131.44/o=novell?uid
</Directory>
The browser URL for the home directory users will be http://server-ip-address/~username
Create a .conf file with the directives below under /etc/apache2/conf.d - it could be named "HomeDir.conf" for example.
This example uses the "UserDir" directive to set the path and directory for all of the home directory users. ie. /home/<directory of user>/public_html
The asterisk ( * ) symbol is a place holder for any home directory user in that path.
Restart apache when changes are made to the .conf file, using the command "rcapache2 restart"
UserDir public_html
<Directory "/home/*/public_html">
Options Indexes Multiviews
AllowOverride None
Order deny,allow
Allow from all
</Directory>
- Apache set up with basic authentication:
See the information for the Apache setup above, and then review the following items...
An LDAP Group can be used using the "Require ldap-group" directive can be uncommented out and "Require valid-user" can be commented out (see apache directives below).
Also, if using this option, set the "AuthBasicAuthoritative and AuthzLDAPAuthoritative off" to "On" instead of "off".
When using "Require ldap-group" the group and users need to be LUM enabled.
A list of apache modules used in this example configuration is given here. Add missing modules for basic LDAP authentication in the /etc/sysconfig/apache2 file. APACHE_MODULES="actions alias auth_basic ldap authnz_ldap authn_file authz_host authz_groupfile authz_default authz_user authn_dbm autoindex cgi dir env expires include log_config mime negotiation setenvif ssl suexec userdir php5 proxy proxy_ajp"
When using basic authentication, go to LDAP | LDAP Options | LDAP Group | "Require TLS for Simple Binds with Password", UN-check that box and apply the change.
Restart apache when changes are made to the .conf file or the apache2 file, using the command "rcapache2 restart"
UserDir public_html
<Directory "/home/*/public_html">
Options Indexes Multiviews
AllowOverride None
Order deny,allow
Allow from all
AuthType Basic
AuthName "Protected"
Require valid-user
#Require ldap-group cn=Group1, o=novell
AuthBasicAuthoritative off
AuthzLDAPAuthoritative off
AuthBasicProvider ldap
AuthLDAPURL ldap://151.155.131.44/o=novell?uid
</Directory>
Additional Information
and
Configuring User Home Directories on Linux using an NSS volume on the same server.
https://support.microfocus.com/kb/doc.php?id=7006707&sliceId=1&docTypeID=DT_TID_1_1&dialogID=164642894&stateId=0%200%20164644559
Also:
To redirect to SSL at the browser, the following directives can be used "as is" and put at the bottom of the newly created .conf file.
##redirect to SSL
<VirtualHost _default_:80>
RewriteEngine On
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [L,R]
</VirtualHost>
Also:
To redirect to SSL at the browser, the following directives can be used "as is" and put at the bottom of the newly created .conf file.
##redirect to SSL
<VirtualHost _default_:80>
RewriteEngine On
RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [L,R]
</VirtualHost>