Would you like to learn how to configure an Apache server to use LDAP authentication against Active Directory? In this tutorial, we show you how to authenticate users of the Apache service against Active Directory using the LDAP protocol on a computer running Ubuntu Linux.
• Ubuntu 18
• Ubuntu 19
• Ubuntu 20
• Apache 2.4.41
• Windows 2012 R2
Copyright © 2018-2021 by Techexpert.tips.
Tutorial – Windows Domain Controller Firewall
• IP – 192.168.15.10
• Operating System – WINDOWS 2012 R2
• Hostname – TECH-DC01
First, we need to create a Firewall rule on the Windows domain controller.
This firewall rule will allow the Apache server to query the Active Directory database.
On the domain controller, open the application named Windows Firewall with Advanced Security.
Create a new Inbound firewall rule.
Select the PORT option.
Select the TCP option.
Select the Specific local ports option.
Enter the TCP port 389.
Select the Allow the connection option.
Check the DOMAIN option.
Check the PRIVATE option.
Check the PUBLIC option.
Enter a description for the firewall rule.
Congratulations, you have created the required firewall rule.
This rule will allow the Apache server to query the Active Directory database.
Tutorial – Windows Domain Account Creation
Next, we need to create at least 2 accounts in the Active Directory database.
The ADMIN account will be used to log in to the Apache server.
The BIND account will be used to query the Active Directory database.
On the domain controller, open the application named: Active Directory Users and Computers.
Create a new account inside the Users container.
Create a new account named: admin
Password configured to the ADMIN user: 123qwe..
This account will be used to authenticate on the Apache web interface.
Create a new account named: bind
Password configured to the BIND user: kamisama123..
This account will be used to query the passwords stored on the Active Directory database.
Congratulations, you have created the required Active Directory accounts.
Apache – LDAP Authentication on Active Directory
• IP – 192.168.15.11
• Operating System – Ubuntu 19.10
• Hostname – APACHE
Install the Apache server and the required LDAP authentication module.
Enable the Apache2 LDAP authentication module.
In our example, we are going to require authentication from users trying to access a directory named Test.
Create a directory named Test and give the user named www-data permission over this directory.
Configure the Apache server to require LDAP authentication from users trying to access the Test directory.
Edit the Apache 000-default.conf configuration file.
Here is the 000-default.conf file before our configuration.
Here is the 000-default.conf file after our configuration.
The Apache server was configured to require password authentication to access the directory /var/www/html/test.
The Apache web server was configured to authenticate user accounts using the LDAP server 192.168.15.10.
The Apache web server was configured to use the Active Directory domain: TECH.LOCAL.
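A 000-default.conf matching the description above, as an added example built from the values in this tutorial (it is not the original page's file). The search base, the sAMAccountName attribute, the UPN form of the bind account, the password placeholder and the group DN in the commented alternative are assumptions.

```apache
# Added example: constructed from the tutorial's values, not the original file.
<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    <Directory "/var/www/html/test">
        AuthType Basic
        AuthName "Apache LDAP authentication"
        AuthBasicProvider ldap

        # Assumed search base: the Users container of TECH.LOCAL. The typed
        # username is matched against sAMAccountName (the AD logon name).
        AuthLDAPURL "ldap://192.168.15.10:389/CN=Users,DC=tech,DC=local?sAMAccountName?sub?(objectClass=user)"

        # The BIND account is only used to search for the user's entry;
        # mod_authnz_ldap then binds a second time as that user to check
        # the typed password. Assumed UPN form of the bind account.
        AuthLDAPBindDN "bind@tech.local"

        # Placeholder value. On Ubuntu this file is readable by local users
        # by default, so a literal password here is exposed to them; the
        # "exec:" form of this directive reads the password from a program.
        AuthLDAPBindPassword "REPLACE_WITH_BIND_PASSWORD"

        # valid-user admits every account found under the search base,
        # including the bind account itself.
        Require valid-user
        # Narrower alternative (hypothetical group DN):
        # Require ldap-group CN=WebTest,CN=Users,DC=tech,DC=local
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
```

With ldap:// on port 389 and HTTP Basic authentication, both the bind password and the user's password travel unencrypted. Appending STARTTLS to the AuthLDAPURL line (with the domain controller's CA trusted through LDAPTrustedGlobalCert at server level) and serving /test over HTTPS protects them.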
Restart the Apache service.
Congratulations! You successfully configured the Apache authentication.
Apache – LDAP Authentication Test
Open your browser and enter the IP address of your Apache web server.
In our example, the following URL was entered in the Browser:
• http://192.168.15.11
The Apache default page will be displayed.
Open your browser and enter the IP address of your web server plus /test.
In our example, the following URL was entered in the Browser:
• http://192.168.15.11/test
On the login screen, enter an Active Directory username and password.
• Username: admin
• Password: 123qwe..
After a successful login, you will be authorized to access the directory named Test.
Congratulations! You have configured LDAP authentication on an Apache server to use Active Directory.