Author: imaginator

blog.imaginator.com

Should anyone ask, I now have LDAP authentication working in Apache 2

It was not nice.

AuthType Basic
AuthName "Imaginator username and password"
AuthBasicProvider ldap
AuthzLDAPAuthoritative On
AuthLDAPURL ldaps://ldap.imaginator.com/dc=imaginator,dc=com?uid?sub
AuthLDAPBindDN "cn=nss,ou=auth,dc=imaginator,dc=com"
AuthLDAPBindPassword "**********"
AuthLDAPGroupAttribute memberUid
require ldap-group cn=buddycloud-corp,ou=groups,dc=imaginator,dc=com

So it sort of works. But what I would really like is for a way to authenticate on POSIX groups which have a memberUid which is something like:

memberUID: simon

Update:

AuthLDAPGroupAttributeIsDN off is the magic bit! This forces a filter on the uid rather than the full DN. LDAP as always Rocks!
rather than doing a

memberUid: cn=Simon Tennant,ou=People,dc=imaginator,dc=com

Sigh.

Should anyone ask, I am now running Apache 2

…and it was a relatively easy upgrade. I had an old and crufty Apache 1.3 that has now been migrated to a nice 2.0 configuration. Multiple SSL virtual hosts is a nice addition (although until OpenSSL is changed to include some sort of host sending outside of the ssl tunnel there will still be the problem of SSL certs not matching.

Please let me know if you find something not working correctly.

Should anyone ask, I am now running Apache 2

…and it was a relatively easy upgrade. I had an old and crufty Apache 1.3 that has now been migrated to a nice 2.0 configuration. Multiple SSL virtual hosts is a nice addition (although until OpenSSL is changed to include some sort of host sending outside of the ssl tunnel there will still be the problem of SSL certs not matching.

Please let me know if you find something not working correctly.

In case anyone asks, my new telco is PowerClean and linksys

When I was out in the center of town today and made 2 international phone calls through wifi access points named PowerClean and linksys. I would have perhaps paid ePlus €10 for the 2 calls, but instead I paid 0¢ when calling via my own Asterisk server and out to the PSTN via Voip Discount. Eplus needn’t worry, I’ll keep paying my rip off subscription to them a little longer. All this is possible using the Nokia E61 which I can highly recommend as a phone.

In case anyone asks, my new telco is PowerClean and linksys

When I was out in the center of town today and made 2 international phone calls through wifi access points named PowerClean and linksys. I would have perhaps paid ePlus €10 for the 2 calls, but instead I paid 0¢ when calling via my own Asterisk server and out to the PSTN via Voip Discount. Eplus needn’t worry, I’ll keep paying my rip off subscription to them a little longer. All this is possible using the Nokia E61 which I can highly recommend as a phone.

DD-WRT Rocks

I upgraded one of my Linksys WRT54G Routers with the DD-WRT software. It’s been running a couple of days now and is really great. It replaces a mediocre interface with a clean functional and usable interface. So far the router has also been reliable and extensively used for voip calls and general wireless connectivity.

The DD-WRT puts a slimmed down linux onto the Linksys access point. It even comes with a netflow export feature which is very cool.

Here’s a picture of the interface in action:

:

DD-WRT Rocks

I upgraded one of my Linksys WRT54G Routers with the DD-WRT software. It’s been running a couple of days now and is really great. It replaces a mediocre interface with a clean functional and usable interface. So far the router has also been reliable and extensively used for voip calls and general wireless connectivity.

The DD-WRT puts a slimmed down linux onto the Linksys access point. It even comes with a netflow export feature which is very cool.

Here’s a picture of the interface in action:

:

What I’m listening to

If I should die, let it be known that I read the following blogs:

…and listened to the following podcasts:

Website
  
Subscribe URL
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Just in case.