hope this isn’t too late for you. You can use the authz library inside apache to authenticate to AD. it should be pre-built into apache on linux.
Then just add this block to your httpd.conf file - this is an example for giving authorization to you /usr/local/nagios/share folder.
Allow from all
AuthName "Windom1 account login"
AuthLDAPURL "ldap://:3268/?sAMAccountName?sub?(memberOf=CN=<yourgroup. . . >)"
the tricky bit is navigating through your domain to find out how the group is defined. so <yourgroup. . .> will be something like the example below, but it’s different for everybody based on how you structure your AD.
here’s an example of <yourgroup. . .> for allowing access to anyone from the IT group if it’s structured under groups, central, us, in the domain called DOMAIN.LOCAL
I had to look at an open source domain browser to find out if each level of the tree was a CN or an OU - frustratingly, I couldn’t find that information out by using the standard “active directory users and computers” that comes with microsoft. I don’t remember what tool I used though - maybe one of these will work for you.
technet.microsoft.com/en-us/scri … 39958.aspx
you can also use the dsquery command in a windows shell to query active directory