I had a server running RHEL 6.5 with httpd 2.2, and I had LDAP authentication for web pages working perfectly with this:
<Directory /var/www/html/restricted>
AuthType Basic
AuthName "Restricted files"
AuthBasicProvider file ldap
AuthUserFile /etc/httpd/local_users
AuthGroupFile /etc/httpd/local_groups
AuthLDAPBindDN CN=bind,OU=Generic-Logon,OU=Generic,DC=example,DC=com
AuthLDAPBindPassword lamepassword
AuthLDAPURL ldaps://ldap.example.com:636/dc=example,dc=com?sAMAccountName?sub
AuthzLDAPAuthoritative off
require group restricted
require ldap-group CN=ug-employees,OU=Dept,OU=Dept-Groups,DC=example,DC=com
require ldap-group CN=ug-others,OU=Dept,OU=Dept-Groups,DC=example,DC=com
</Directory>
Users were getting excessive 500 errors accessing the restricted pages, and some Googling tells me that going from httpd 2.2 to 2.4 could solve this. I installed a fresh server with RHEL 7 and httpd 2.4, and that exact same line. But now...
[~]$ sudo apachectl configtest
AH00526: Syntax error on line 426 of /etc/httpd/conf/httpd.conf:
Unknown Authn provider: ldap
What's going on here? The RHEL 7 manual says that LDAP authentication is baked into httpd 2.4, and AFAICT, I'm following the instructions from apache.org. FWIW, I can't find any LDAP modules in yum or installed in my /etc/httpd/modules.
Thoughts? I know I'm missing something tiny.
Thanks!
In LDAP, authentication is supplied in the "bind" operation. LDAP v3 supports three types of authentication: anonymous, simple and SASL authentication.
LDAP authentication involves verifying provided usernames and passwords by connecting with a directory service that uses the LDAP protocol. Some directory servers that use LDAP in this manner are OpenLDAP, MS Active Directory, and OpenDJ.
Lightweight directory access protocol (LDAP) is a protocol that helps users find data about organizations, persons, and more. LDAP has two main goals: to store data in the LDAP directory and authenticate users to access the directory.
According to Red Hat's support site, you should run:
# subscription-manager repos --enable rhel-7-server-optional-rpms
# yum install mod_ldap -y
See: https://access.redhat.com/solutions/977573
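An added example, not part of the answer above or of Red Hat's article: a shell function that lists the modules an AuthBasicProvider line needs but that `httpd -M` does not report as loaded, which is the condition behind "Unknown Authn provider: ldap". The provider-to-module mapping covers only file, ldap and dbm, the function names are hypothetical, and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example: compare the authn providers a config asks for with the
# modules httpd actually has loaded.

# Map an AuthBasicProvider name to the module that registers it.
# Providers outside this short list are reported as "unknown:<name>".
provider_module() {
    case "$1" in
        file) echo authn_file_module ;;
        ldap) echo authnz_ldap_module ;;
        dbm)  echo authn_dbm_module ;;
        *)    echo "unknown:$1" ;;
    esac
}

# $1 = config text, $2 = output of `httpd -M`.
# Prints one missing module per line; prints nothing when all are loaded.
missing_auth_modules() {
    conf=$1
    loaded=$2
    providers=$(printf '%s\n' "$conf" |
        awk 'tolower($1) == "authbasicprovider" { for (i = 2; i <= NF; i++) print $i }' |
        sort -u)
    for p in $providers; do
        needed=$(provider_module "$p")
        # mod_authnz_ldap relies on mod_ldap (ldap_module) for its connections.
        if [ "$p" = ldap ]; then needed="ldap_module $needed"; fi
        for m in $needed; do
            printf '%s\n' "$loaded" |
                awk -v m="$m" '$1 == m { found = 1 } END { exit !found }' ||
                echo "$m"
        done
    done
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_CONF='AuthType Basic
AuthBasicProvider file ldap
AuthUserFile /etc/httpd/local_users'
SAMPLE_LOADED='Loaded Modules:
 core_module (static)
 auth_basic_module (shared)
 authn_file_module (shared)'

missing_auth_modules "$SAMPLE_CONF" "$SAMPLE_LOADED"
```

On a real host, pass the contents of the configuration file and the output of `httpd -M` as the two arguments, then rerun `apachectl configtest` once the function prints nothing.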