1. 讓Apache 2.2支援PAM驗證
下載安裝Mod_Auth_External
apxs -c mod_authnz_external.c
apxs -i -a mod_authnz_external.la
2.安裝密碼認證程式
下載安裝 pwauth
編輯 config.h ,
#define PAM (原為#define SHADOW_SUN)
#define SERVER_UIDS 48 (請根據Apache執行者的 UID 調整)
關掉下面這行(因為winbind取得的ID遠大於500)
/*#define MIN_UNIX_UID 500
編譯
[root@centos5 pwauth]# make
[root@centos5 pwauth]# mv pwauth /usr/local/sbin
[root@centos5 pwauth]# mv unixgroup /usr/local/sbin
3.修改 httpd.conf ,理論上安裝mod_auth_external 時會自動增加下面這行
LoadModule authnz_external_module modules/mod_authnz_external.so
4.修改conf.d的mrtg.conf (以修改這個檔為範例)
<Ifmodule>
AddExternalAuth pwauth /usr/sbin/pwauth
SetExternalAuthMethod pwauth pipe
</Ifmodule>
<Directory>
AllowOverride AuthConfig
</Directory>
5.新增 /etc/pam.d/pwauth 內容如下
auth required pam_nologin.so
auth include system-auth
account include system-auth
session include system-auth
6.在mrtg下新增.htaccess 內容如下
AuthType Basic
AuthName Login
AuthBasicProvider external
AuthExternal pwauth
GroupExternal unixgroup
require valid-user
7. Winbind 部分請自行設定完整