On Thu, Feb 14, 2008 at 9:13 AM, Radosław Antoniuk <[EMAIL PROTECTED]> wrote: > So, Is it possible? The question is, is there a way of using the > actual login/password credentials for the binding phase and if bind > succeeds ==> authentication true and go to authorization phase?
The problem you're hitting is that before Apache can use the username/password provided, it needs to translate the "web" username into an LDAP distinguished name by querying LDAP -- this is what the BindDN/Password are for. Maybe your MSAD folks can setup a limited access user that can perform this specific query? -- Eric Covener [EMAIL PROTECTED]
