### mod_vhost_ldap depends on mod_ldap ###
### you have to enable mod_ldap as well ###
### and probably set various cache options for it ###

###scope values: base, one, sub
###deref values: never, finding, searching, always
###remember, user specified filter is checked as RFC-defined ldap filter before substitution
###user filter specified here results with following internal filters and variables:
### _A_ is the server name from the request (vhost server name to find)
### _B_ is the uri for which access control is to be determined
### _C_ is the name of the require valid-user directive (auth prompt message)
### _D_ is the the user-defined filter
### _E_ is the protected physical directory (doesn't need to be existing file or dir)
### _F_ is the alias location uri 
### _G_ is the protected uri for which access control is to be determined (see _E_)
### _H_ is the alias uri which is to be aliased to specified directory
### Each use of search filter is logged with debug level

#####################################################################
### Vhost search 
### (&(_D_)(|(apacheServerName=_A_)(apacheServerAlias=_A_)))
#####################################################################
### Protected Location Search 
### (&(_D_)(apacheExtConfigServerName=_A_)(apacheExtConfigUri=_B_))
#####################################################################
### Protected Directory Search
### (&(_D_)(apacheExtConfigPath=_E_))
#####################################################################
### Alias Object Search
### (&(_D_)(apacheAliasConfigServerName=_A_)(apacheAliasConfigSourceUri=_H_))
#####################################################################
### Web user Location Search
### (&(_D_)(objectClass=apacheExtendedConfigUserObject)(apacheExtConfigUserServerName=_A_)(apacheExtConfigUserLocationUri=_G_))
#####################################################################
### Web user Directory Search
### (&(_D_)(objectClass=apacheExtendedConfigUserObject)(apacheExtConfigUserDirectoryName=_E_))
##################################

### ldap[si]://host[:port]/basedn[?attrib[?scope[?filter]]]

	VhostLdapEnabled On
	VhostLdapUrl ldap[si]://host[:port]/basedn[?attrib[?scope[?filter]]]
	#VhostLdapUrl ldap://hostname:389/dc=foo,dc=bar?*?sub?objectClass=activeObject
	VhostLdapBindDn "cn=read only apache admin,dc=foo,dc=bar"
	VhostLdapBindPw "secretpassword"
	VhostLdapWlcBaseDn "ou=webAccess,dc=foo,dc=bar"
	VhostLdapWucBaseDn "ou=webAccounts,dc=foo,dc=bar"
	VhostLdapAliasesBaseDn "ou=webAliases,dc=foo,dc=bar"
	VhostLdapDeref "never"
	VhostLdapFallback default
	VhostAliasesEnabled On
	VhostLocAuthEnabled On
	VhostDirAuthEnabled On