httpd-users mailing list archives

From "Ext_Krueger, Philipp" <Philipp.Krue...@sungard.de>
Subject AW: [users@httpd] Mod_authnz_ldap with apache 2.2.0 (suse 10.1)
Date Tue, 29 Aug 2006 06:44:18 GMT
Just thought I'd let you share my new-found knowledge:
require valid-user
"Requires that mod_authz_user
<http://httpd.apache.org/docs/2.2/mod/mod_authz_user.html> be loaded
and that the AuthzLDAPAuthoritative
<http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#authzldapauthoritative>
directive be set to off."
Thanks to the guys in #apache - I'd be ripping out tufts of hair by now
without their help...

________________________________

From: Ext_Krueger, Philipp [mailto:Philipp.Krueger@sungard.de]
Sent: Monday, 28 August 2006 15:57
To: users@httpd.apache.org
Subject: [users@httpd] Mod_authnz_ldap with apache 2.2.0 (suse 10.1)



Hello! 

I hope somebody can help me. Last week I set up an Apache 2.0.x on
Windows and installed the mod_auth_ldap from
<http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap_cache.html>
and I've managed to get it to work. Now I want to install it on
a Linux machine but it's not so simple...

I'm using SUSE Linux 10.1, which features Apache 2.2.0. That Apache
version, however, includes its own LDAP implementation - mod_authnz_ldap.
For the life of me, I can't get it to do what I want. Following are the
modules I loaded and the options I set regarding LDAP:

################### 
APACHE_MODULES="authz_host actions alias auth_basic authz_groupfile
authn_file authz_user autoindex cgi dir include log_config mime
negotiation setenvif status userdir asis imagemap authnz_ldap php5
authz_default info authn_alias ldap ldap_module"

<Directory "/srv/www/htdocs/admin"> 
Options Indexes FollowSymLinks 
order allow,deny 
allow from all 
AuthName "All valid users" 
AuthType Basic 
AuthBasicProvider ldap 
AuthLDAPURL "ldap://149.232.181.192:389/dc=banking,dc=net?sAMAccountName
AuthLDAPBindDN "CN=Ext_Krueger\, Philipp,OU=Frankfurt,DC=banking,DC=net"
AuthLDAPBindPassword "test1,"
require valid-user 
</Directory> 
################### 
On Windows, I use the following config, which works:
################### 
LoadModule auth_ldap_module modules/mod_auth_ldap.dll 

<Directory "C:\Programme\Apache2\htdocs\admin"> 
Options Indexes FollowSymLinks 
AllowOverride None 
order allow,deny 
allow from all 
AuthAuthoritative On 
AuthName "Inhouse only" 
AuthType Basic 
Bind_Tries 5 
LDAP_Debug On 
LDAP_Protocol_Version 3 
LDAP_Server 149.232.181.192 
LDAP_Port 389 
Base_DN "DC=BANKING,DC=NET" 
Bind_DN "CN=Ext_Krueger\, Philipp,OU=Frankfurt,DC=banking,DC=net" 
Bind_Pass "test1," 
UID_Attr sn 
require memberOf "CN=Technical_Support,OU=Frankfurt,DC=banking,DC=net" 
</Directory> 
################### 
The strange thing about the Linux server is that it puts nothing in the
error_log when I enter the correct id and pass but says

auth_ldap authenticate: user 9u23fh9h2f authentication failed; URI /admin/ [User not found][No such object]
[Mon Aug 28 15:23:22 2006] [error] [client 127.0.0.1] user 9u23fh9h2f not found: /admin/

when I enter the nonexisting user 9u23fh9h2f. I've been searching for 3
days now and I'm at my wit's end - does anybody have a clue what I'm
doing wrong?

Thanks in advance, 

Phil 
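
The fix quoted in the reply, applied to the Linux configuration from the original question, as an added example that is not part of either message. The closing quote on AuthLDAPURL and the bind password placeholder are assumptions; the commented ldap-group line is an optional alternative that mirrors the group restriction in the Windows config.

```apache
# Added example (Apache 2.2, mod_authnz_ldap); not from the original messages.
# Assumes mod_authz_user is loaded (authz_user is in the posted APACHE_MODULES).
<Directory "/srv/www/htdocs/admin">
    Options Indexes FollowSymLinks
    Order allow,deny
    Allow from all

    AuthName "All valid users"
    AuthType Basic
    AuthBasicProvider ldap

    # Assumption: the posted AuthLDAPURL ends at the attribute name; the
    # closing quote is added here. Scope and filter keep their defaults.
    AuthLDAPURL "ldap://149.232.181.192:389/dc=banking,dc=net?sAMAccountName"
    AuthLDAPBindDN "CN=Ext_Krueger\, Philipp,OU=Frankfurt,DC=banking,DC=net"
    # Placeholder, not a real value.
    AuthLDAPBindPassword "BIND_PASSWORD_PLACEHOLDER"

    # Before (as posted): AuthzLDAPAuthoritative was not set, so it took its
    # default of "on" and mod_authnz_ldap kept the authorization decision
    # instead of passing it to mod_authz_user.
    # After: turn it off so mod_authz_user can evaluate "Require valid-user".
    AuthzLDAPAuthoritative off
    Require valid-user

    # Alternative (assumption: the group lists its members in the "member"
    # attribute, which mod_authnz_ldap checks by default). This limits access
    # to one group instead of every account that can authenticate, and is
    # evaluated by mod_authnz_ldap itself:
    # Require ldap-group CN=Technical_Support,OU=Frankfurt,DC=banking,DC=net
</Directory>
```

With `Require valid-user`, any account that can bind under the search base is admitted, which is broader than the `memberOf` restriction in the Windows config.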

