Problem: LDAP-Auth for external Tools via 7636

Problem:

Integrating LDAP authentication for external tools using port 7636 and an NGINX SSL proxy can be challenging. The setup requires a stable DNS alias that serves LDAPS on the correct port (636) with a valid SSL certificate. The proxy must also make the UCS primary LDAP port (7636) available seamlessly on port 636.

Solution:

Below is an example configuration for an Apache site using Basic Authentication to facilitate LDAP authentication via the NGINX SSL proxy:

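 # Basic authentication sends the password with every request; serve this site over HTTPS only.
 AuthType Basic
 AuthBasicProvider ldap
 AuthName "SCHEIN"
 # LDAPS through the proxy on port 636; users are looked up by uid under cn=users.
 AuthLDAPURL "ldaps://ldaps.schein.com:636/cn=users,dc=schein,dc=com?uid"
 # Bind and compare with the connecting user's own credentials instead of a service account.
 AuthLDAPInitialBindAsUser on
 AuthLDAPCompareAsUser on
 # Build the bind DN from the user name entered in the login dialog.
 AuthLDAPInitialBindPattern (.*) uid=$1,cn=users,dc=schein,dc=com
 Require valid-user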
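
The NGINX side of the setup is described above but not shown. The following is an added example, not part of the original article, of a `stream` proxy that terminates TLS on port 636 and forwards to the UCS primary on port 7636. The backend host name and all file paths are placeholders, and it assumes the backend on 7636 speaks LDAPS, so the proxy re-encrypts and verifies the backend certificate.

```nginx
# Added example; host name and file paths are placeholders.
# The stream block belongs at the top level of nginx.conf, not inside http {}.
stream {
    upstream ucs_ldap {
        # UCS primary, OpenLDAP over TLS (placeholder host name)
        server ucs-primary.example.internal:7636;
    }

    server {
        # Public LDAPS endpoint that external tools connect to.
        listen 636 ssl;

        # Certificate must be valid for the DNS alias the clients use
        # (ldaps.schein.com in the Apache example).
        ssl_certificate     /etc/nginx/ssl/ldaps-alias.crt;   # placeholder path
        ssl_certificate_key /etc/nginx/ssl/ldaps-alias.key;   # placeholder path
        ssl_protocols       TLSv1.2 TLSv1.3;

        # Re-encrypt towards the backend and verify its certificate,
        # so bind passwords never cross the network in clear text.
        proxy_pass                    ucs_ldap;
        proxy_ssl                     on;
        proxy_ssl_verify              on;
        proxy_ssl_trusted_certificate /etc/nginx/ssl/ucs-ca.pem;  # placeholder: CA that signed the UCS certificate
        proxy_ssl_name                ucs-primary.example.internal;
        proxy_ssl_server_name         on;

        # LDAP connections can stay idle between operations.
        proxy_connect_timeout 5s;
        proxy_timeout         10m;
    }
}
```

With `proxy_ssl_verify on`, a mismatch between `proxy_ssl_name` and the backend certificate makes the proxy refuse the upstream connection, which shows up as failed binds in the Apache error log rather than as a certificate warning.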

See also:

Mastodon