Hooking up Apache WebDAV to Zentyal Active Directory.

Written by stovesy

Nothing too tricky here, but this may save someone a little bit of head scratching. Active directory expects the BindDN to be in a slightly different format than OpenLDAP and it’s also on port 389.

You’ll be creating and editing an additional config file for your virtual host; I created mine as. /etc/apache2/sites-available/sitename.co.uk/dav.conf

This configuration grants access to users belonging to the webdav group, so you’ll need to make sure the group is in your active directory and users are assigned to it. It also authorises against the sAMAccountName – which is the user login name, but this can easily be altered to an email address etc.

Alias /webdav /srv/www/sitename.co.uk
<Location /webdav>
 Dav on
 AuthName "Development webdav"
 AuthType Basic
 AuthBasicProvider ldap
 AuthLDAPUrl ldap://localhost:389/cn=Users,dc=sitename,dc=co,dc=uk?sAMAccountName?sub?(objectClass=*)
 AuthLDAPBindDN Administrator@sitename.co.uk
 AuthLDAPBindPassword your-admin-password-for-LDAP-access
 Require ldap-group CN=webdav,CN=Groups,dc=sitename,dc=co,dc=uk
 php_flag engine off
</Location>

Reload you Apache config with sudo service apache2 reload or something which works for you, and then test access with the excellent cadaver client. If you’re accessing from Windows 7 you’ll need to set up for Basic Auth. There’s a detailed walk-through here.

Leave a Reply