apache + AD and require ldap-group
First off, here's my conf:
As far as AD is concerned, I have a the user "ldap" located under IT-Accounts > Special Accounts.
ServerAlias svn svn.hq subversion
AuthName "Domain User Required:"
AuthLDAPBindDN "CN=ldap,OU=Special Accounts,OU=IT-Accounts,DC=dc,DC=mydomain,DC=com"
<LimitExcept GET POST>
require ldap-group CN=HW SVN,DC=dc,DC=mydomain,DC=com
I also have another OU named IT-Groups, which has another OU named Special Security Groups.
Under Special Security Groups, I have CN HW SVN. Under HW SVN I have the users listed.
The users are partof IT-Accounts, so CN=USER, etc. My goal is to provide HTTP access to only CN=FW SVN, CN=HW SVN, etc.
However, the problem is that when I setup ldap-group and enter CN=HW SVN, any user that isn't part of this group is still able to log-in. Despite the fact that that the user isn't part of that group.