- 04-20-2007 #1 Just Joined!
LDAP and Apache problem
httpd.conf
<Directory /www/>
#AllowOverride None
#Order allow,deny
#Allow from all
AuthType Basic
AuthName "Members Only"
AuthBasicProvider ldap
AuthLDAPURL ldap://***/o=*,dc=*dc=*?cn
AuthLDAPBindDN "cn=Manager,dc=*,dc=*"
AuthLDAPBindPassword {crypt}***
AuthzLDAPAuthoritative off
require valid-user
</Directory>
.htaccess
AuthName "Members Only"
AuthType Basic
AuthLDAPURL ldap://***/o=*,dc=*dc=*?cn
Require valid-user
In the apache error log I receive:
[Fri Mar 30 15:59:48 2007] [warn] [client 192.168.*.*] [4886] auth_ldap authenticate: user *** authentication failed; URI / [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
[Fri Mar 30 15:59:48 2007] [error] [client 192.168.1.*.*] user ***: authentication failure for "/": Password Mismatch
Server version: Apache/2.2.3
@(#) $OpenLDAP: slapd 2.3.27 (Oct 1 2006 16:34:13) $
brewbuilder@ls20-bc2-14.build.redhat.com:/builddir/build/BUILD/openldap-2.3.27/openldap-2.3.27/build-servers/servers/slapd
LDIF of my user:
dn: cn=test,o=Authorization,dc=*,dc=*
uid: test
objectClass: top
objectClass: person
objectClass: inetOrgPerson
sn: test
cn: test
mail: test@test.com
userPassword: test
- 04-20-2007 #2
this is mine, and mine works completely from within httpd.conf with no .htaccess
the relative folder determines what gets restricted http://fakeurl.com/relativefolder/
Code:
<Location /relativefolder/>
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative Off
AuthName "whateveryouwant"
AuthLDAPURL "ldap://fqdn_of_ldap_server/ou=it,ou=departments,dc=fake,dc=fake,dc=com?sAMAccountName"
AuthLDAPBindDN "fakeuser@fake.fake.com"
AuthLDAPBindPassword "fakepassword"
require valid-user
</location>
one difference I see though is mine is using authnz modules and yours is not, not sure how much of a difference that makes though. Let me know if that helps or not.
- 04-20-2007 #3 Just Joined!
I tried with this configuration:
<Location /test/>
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative Off
AuthName "whateveryouwant"
AuthLDAPURL "ldap://ldap.*.*i/o=Authorization,dc=*,dc=*?cn"
AuthLDAPBindDN "cn=Manager,dc=*,dc=*"
AuthLDAPBindPassword "someone"
require valid-user
</location>
[Fri Apr 20 19:59:19 2007] [warn] [client *] [925] auth_ldap authenticate: user Test authentication failed; URI /test/ [ldap_simple_bind_s() to check user credentials failed][Invalid credentials]
[Fri Apr 20 19:59:19 2007] [error] [client *] user Test: authentication failure for "/test/": Password Mismatch
- 04-20-2007 #4
try for the bindDN to use "youruser@your.domain.com" like I have above and see if it works.
- 04-20-2007 #5 Just Joined!
I tried with these options but I always receive error 500:
[Fri Apr 20 21:45:59 2007] [warn] [client 192.*.*.*] [1295] auth_ldap authenticate: user * authentication failed; URI /test/ [LDAP: ldap_simple_bind_s() failed][Invalid DN syntax]
AuthLDAPBindDN "user@ldap.*.*"
AuthLDAPBindDN "Manager@ldap.*.*"
AuthLDAPBindDN "manager@ldap.*.*"
AuthLDAPBindDN "Manager@192.*.*.*"
- 04-20-2007 #6
did you notice at the end of my ldap url, ?sAMAccountName
that tells the ldap lookup what field to search for.
I also assume that in your ldap structure the manager account you are searching for is not outside of o=Authorization,dc=*,dc=*
- 04-21-2007 #7 Just Joined!
This does not work
Originally Posted by jledhead
- 04-21-2007 #8 Just Joined!
When I try with a user which is not in the directory
[Sat Apr 21 20:10:27 2007] [warn] [client *] [5189] auth_ldap authenticate: user * authentication failed; URI /test/ [User not found][No such object]
[Sat Apr 21 20:10:27 2007] [error] [client *] user * not found: /test/
When I try with a user which is in the directory
[Sat Apr 21 20:13:21 2007] [warn] [client *] [5202] auth_ldap authenticate: user * authentication failed; URI /test/ [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
[Sat Apr 21 20:13:21 2007] [error] [client *] user *: authentication failure for "/test/": Password Mismatch
- 03-30-2010 #9 Just Joined!
ldap authentication failed with windows
Please look at the error
auth_ldap authenticate: user rk authentication failed; URI /twtest [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
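Added example, not part of any post in this thread: mod_authnz_ldap authenticates in phases (bind with AuthLDAPBindDN, search for the user, then bind as the user), and the bracketed reason strings in the log lines quoted above differ by phase. The Python sketch below parses those lines and labels each failure with a phase; the function names and the reason-to-phase mapping are assumptions of this example, based on the wording of the messages.

```python
import re
from collections import Counter

# Constructed sample: failure lines quoted in the thread, with the posters'
# own redactions (*, ***) left in place.
SAMPLE_LOG = """\
[Fri Mar 30 15:59:48 2007] [warn] [client 192.168.*.*] [4886] auth_ldap authenticate: user *** authentication failed; URI / [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
[Fri Apr 20 19:59:19 2007] [warn] [client *] [925] auth_ldap authenticate: user Test authentication failed; URI /test/ [ldap_simple_bind_s() to check user credentials failed][Invalid credentials]
[Fri Apr 20 21:45:59 2007] [warn] [client 192.*.*.*] [1295] auth_ldap authenticate: user * authentication failed; URI /test/ [LDAP: ldap_simple_bind_s() failed][Invalid DN syntax]
[Sat Apr 21 20:10:27 2007] [warn] [client *] [5189] auth_ldap authenticate: user * authentication failed; URI /test/ [User not found][No such object]
[Fri Apr 20 19:59:19 2007] [error] [client *] user Test: authentication failure for "/test/": Password Mismatch
"""

# user, URI, module reason string, LDAP result text
LINE_RE = re.compile(
    r"auth_ldap authenticate: user (?P<user>\S+) authentication failed; "
    r"URI (?P<uri>\S+) \[(?P<reason>[^\]]+)\]\[(?P<ldap_error>[^\]]+)\]"
)

# Assumed mapping from reason string to phase (this example's reading of
# the messages; checked in order, first match wins).
PHASES = [
    ("to check user credentials", "user-bind"),
    ("LDAP: ldap_simple_bind_s() failed", "service-bind"),
    ("User not found", "search"),
]

def classify(line):
    """Return the parsed fields plus a phase label, or None for other lines."""
    m = LINE_RE.search(line)
    if not m:
        return None
    reason = m.group("reason")
    phase = next((p for needle, p in PHASES if needle in reason), "unknown")
    return {**m.groupdict(), "phase": phase}

def triage(log_text):
    """Classify every auth_ldap failure line in a block of error-log text."""
    return [r for r in map(classify, log_text.splitlines()) if r]

def summary(records):
    """Count failures per (phase, LDAP result) pair."""
    return Counter((r["phase"], r["ldap_error"]) for r in records)

if __name__ == "__main__":
    for (phase, err), n in sorted(summary(triage(SAMPLE_LOG)).items()):
        print(f"{phase:13} {err:20} {n}")
```

A service-bind failure points at AuthLDAPBindDN or AuthLDAPBindPassword in the Apache configuration, while a user-bind failure points at the visitor's own entry or password in the directory.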



