Apache - LDAP

Basic auth

Add LDAP auth inside a virtual server:

                Options -Indexes
                AuthBasicProvider ldap
                AuthType Basic
                AuthName "Site of Überness"
                AuthLDAPURL ldap://ldapserver.skytech.dk/dc=skytech,dc=dk?uid
                AuthzLDAPAuthoritative on
                AuthLDAPGroupAttribute memberUid
                AuthLDAPGroupAttributeIsDN off

                ## If user should just exists
                Require valid-user

                ## If you want a user to member of a specific group.
                ## Add multiple ldap-group lines for allowing multiple groups
                Require ldap-group cn=emp,cn=groups,dc=skytech,dc=dk
                Require ldap-group cn=ninja,cn=groups,dc=skytech,dc=dk

LDAP auth unless from certain ip/network

First, enable LDAP modules in apache (assuming debian here):

a2enmod ldap
a2enmod authnz_ldap

Using the basic auth from before just two more things are needed:

The normal allow/deny rules

                Order allow,deny
                allow from 192.168.0

                <INSERT LDAP AUTH FROM ABOVE>

                ## Allow either based on allow from clauses or via ldap auth
                Satisfy Any