To add DUO authentication to LDAP

Links

https://duo.com/docs/ldap

HOWTO

duoauthproxy and Apache

Global Apache config

LDAPCacheTTL 7200
LDAPOpCacheTTL 3600
#Keeps it from flooding Duo after expiration, maybe should be even higher
LDAPRetryDelay 300

Inside VirtualHost config

Don't want this on my own network

SetEnvIf Remote_Addr "192\.168\.1\." AUTH_LDAP=1

AuthBasicProvider ldap
<If "-n %{ENV:AUTH_LDAP}">
  AuthLDAPURL ldap://ldap.example.com/dc=example,dc=com?sAMAccountName
  AuthName "Authentication with ldap"
  AuthLDAPBindDN CN=Administrator,CN=Users,DC=example,DC=com
  AuthLDAPBindPassword "f00b4r"
  Require valid-user
 </If>
 <Else>  
  AuthLDAPURL ldap://localhost/dc=example,dc=com?sAMAccountName
  AuthName "Authentication with duo"
  AuthLDAPBindDN CN=Administrator,CN=Users,DC=example,DC=com
  AuthLDAPBindPassword "f00b4r"
  Require valid-user
 </Else>

Anonymous

Search

Duo Authentication Proxy

Namespaces

More

Page actions

Contents

Links

HOWTO

duoauthproxy and Apache

Global Apache config

Inside VirtualHost config

Don't want this on my own network

Navigation

Navigation

Wiki tools

Wiki tools

Anonymous

Search

Duo Authentication Proxy

Links

HOWTO

duoauthproxy and Apache

Global Apache config

Inside VirtualHost config

Don't want this on my own network

Navigation

Wiki tools

Page tools