phpLDAPadmin is an LDAP administration tool written in PHP.
phpLDAPadmin will connect to the directory with a static DN and password, and so will not request authentication anymore. The access to phpLDAPadmin will be protected by LemonLDAP::NG with specific access rules.
Just set the authentication type to config and indicate DN and password inside the file config.php:
$ldapservers->SetValue($i,'server','auth_type','config'); $ldapservers->SetValue($i,'login','dn','cn=Manager,dc=example,dc=com'); $ldapservers->SetValue($i,'login','pass','secret');
Configure phpLDAPadmin virtual host like other protected virtual host.
<VirtualHost *:80> ServerName phpldapadmin.example.com PerlHeaderParserHandler Lemonldap::NG::Handler ... </VirtualHost>
server {
  listen 80;
  server_name phpldapadmin.example.com;
  root /path/to/application;
  # Internal authentication request
  location = /lmauth {
    internal;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/llng-fastcgi-server/llng-fastcgi.sock;
    # Drop post datas
    fastcgi_pass_request_body  off;
    fastcgi_param CONTENT_LENGTH "";
    # Keep original hostname
    fastcgi_param HOST $http_host;
    # Keep original request (LLNG server will received /llauth)
    fastcgi_param X_ORIGINAL_URI  $request_uri;
  } 
 
  # Client requests
  location / {
    auth_request /lmauth;
    auth_request_set $lmremote_user $upstream_http_lm_remote_user;
    auth_request_set $lmlocation $upstream_http_location;
    error_page 401 $lmlocation;
    try_files $uri $uri/ =404;
 
    ...
 
    include /etc/lemonldap-ng/nginx-lua-headers.conf;
  }
  location / {
    try_files $uri $uri/ =404;
  }
}
Go to the Manager and create a new virtual host for phpLDAPadmin.
Just configure the access rules.
No headers are required.