Hello,
To setup LDAP access to the Oxidized site and restrict to a single AD group, is this along the right lines:
Edit: /etc/nginx/sites-available/oxidized
server {
server_name test.example.com;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
root /srv/test.example.com;
auth_ldap_url "ldap://10.8.0.238/dc=example,dc=com?samaccountname?sub?(objectClass=user)";
auth_ldap_binddn "[email protected]";
auth_ldap_binddn_passwd "mySpecialPassword";
location /ldapprotectedspace {
auth_ldap "Restricted Space";
auth_ldap_require valid_user;
auth_ldap_satisfy any;
}
}
#You can use various other restriction types:
auth_ldap_require group 'cn=admins,ou=group,dc=example,dc=com';
auth_ldap_require group 'ou=HR,dc=example,dc=com';
auth_ldap_satisfy all;
I’m not sure if I leave this as this either:
auth_ldap "Restricted Space";