Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 77913 invoked from network); 14 Jul 2005 19:57:15 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 14 Jul 2005 19:57:15 -0000 Received: (qmail 60960 invoked by uid 500); 14 Jul 2005 19:56:37 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 60824 invoked by uid 500); 14 Jul 2005 19:56:34 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 60632 invoked by uid 99); 14 Jul 2005 19:56:33 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 14 Jul 2005 12:56:33 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [63.66.129.237] (HELO hermes.alterthought.com) (63.66.129.237) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 14 Jul 2005 12:56:28 -0700 Received: (qmail 22297 invoked from network); 14 Jul 2005 19:42:11 -0000 Received: from unknown (HELO JWEILAND) (63.66.129.234) by hermes.alterthought.com with SMTP; 14 Jul 2005 19:42:11 -0000 From: "Jeremy Weiland" To: Date: Thu, 14 Jul 2005 15:55:53 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: <57F9959B46E0FA4D8BA88AEDFBE582907435@pxtbenexd01.pxt.primeexalia.com> Thread-Index: AcWIlBMemCgkO4AWTFWgfOKX6uZHzwAAOmdgAAYp+qA= X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-Virus-Checked: Checked by ClamAV on apache.org Message-Id: <20050714195629.E9EC110FB2A5@asf.osuosl.org> Subject: RE: [users@httpd] LDAP Authorization with Active Directory X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N I should be more clear. When I load the following modules: LoadModule ldap_module modules/util_ldap.so LoadModule auth_ldap_module modules/mod_auth_ldap.so Apache crashes in two cases: when I try to authenticate, and when I try to shut down the server. I'll try your tip with the validlogin@yourdomain.com, but honestly there's something up because even if I don't try to login, Apache crashes on shutdown when those above two modules are loaded. ______________________________ Jeremy Weiland Systems Engineer ALTERthought 4449 Cox Road Glen Allen, VA 23060 (804) 934 - 0300 www.alterthought.com -----Original Message----- From: Gary W. Smith [mailto:gary@primeexalia.com] Sent: Thursday, July 14, 2005 12:59 PM To: users@httpd.apache.org Subject: RE: [users@httpd] LDAP Authorization with Active Directory With the exception of changing the user, domain name and password, this was cut from a working ldap congfiguration. Note the validlogin@yourdomain.com. I could never get the full DN to work properly. This works like a charm. Also, I use forestdnszones as the ldap server as it will pickup any domain controller on the local site. There are 14 in total. If one goes down it will just bind to the next. AuthLDAPAuthoritative on AuthLDAPEnabled on AuthName "My Secure Access" AuthType Basic AuthLDAPBindDN validlogin@yourdomain.com AuthLDAPBindPassword somepassword AuthLDAPUrl ldap://forestdnszones.yourdomain.com:389/ou=Users,dc=yourdomain,dc=com?s amAccountName?sub?(objectClass=*) require valid-user > -----Original Message----- > From: Jeremy Weiland [mailto:jweiland@alterthought.com] > Sent: Thursday, July 14, 2005 9:50 AM > To: users@httpd.apache.org > Subject: [users@httpd] LDAP Authorization with Active Directory > > Hi, > > I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based > on > Active Directory settings. I've got an LDAP browser on my computer and > can > connect to the Win2k3 server perfectly, but for some reason when I > authenticate over the website it brings Apache down with an error in > wldap32.dll. I have NO idea what's going on - any clue? > > Say the word and I'll provide more details. Here's my directory settings > in > httpd.conf: > > > Options All ExecCGI -Indexes > Order allow,deny > Allow from all > > AuthLDAPAuthoritative on > > AuthType Basic > > AuthName "Restricted Area" > > AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com > > AuthLDAPBindPassword xxxxxx > > #tried the both the string below and the one below that > # AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=*) > AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=User) > > require valid-user > > > Thanks - I'm kind of a newbie to Apache but I just got thrown into this, > and > I've been scouring the web like crazy for tips. Posting here is a last > resort, and I do appreciate the help. > ______________________________ > > Jeremy Weiland > Systems Engineer > > ALTERthought > 4449 Cox Road > Glen Allen, VA 23060 > > www.alterthought.com > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See for more info. > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org > " from the digest: users-digest-unsubscribe@httpd.apache.org > For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org