Mod_authnz_ldap with apache 2.2.0 (suse 10.1)

Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 52437 invoked from network); 28 Aug 2006 13:57:40 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 28 Aug 2006 13:57:40 -0000 Received: (qmail 22735 invoked by uid 500); 28 Aug 2006 13:57:30 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 22725 invoked by uid 500); 28 Aug 2006 13:57:30 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 22708 invoked by uid 99); 28 Aug 2006 13:57:30 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 Aug 2006 06:57:30 -0700 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=HTML_MESSAGE X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [213.138.34.28] (HELO bean.sungard.de) (213.138.34.28) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 28 Aug 2006 06:57:29 -0700 Received: from ffm-iproxy.sungard.de (localhost [127.0.0.1]) by bean.sungard.de (8.12.3/8.12.3/SuSE Linux 0.6) with ESMTP id k7SDv3lM000261 for ; Mon, 28 Aug 2006 15:57:05 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C6CAA9.D7161E2A" Date: Mon, 28 Aug 2006 15:57:03 +0200 Message-ID: <2CB20429A668E447A6171F7A0AF6D64D1B8852@ffm-mx2> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Mod_authnz_ldap with apache 2.2.0 (suse 10.1) Thread-Index: AcbKqddkZRyVTR2iTImlT89LocUOGA== From: "Ext_Krueger, Philipp" To: X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Mod_authnz_ldap with apache 2.2.0 (suse 10.1) X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------_=_NextPart_001_01C6CAA9.D7161E2A Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hello! I hope somebody can help me, last week I've set up an apache 2.0.x on windows and installed the mod_auth_ldap from http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap_cache. html and I've managed to get it to work. Now I want to install it on a Linux machine but it's not so simple... I'm using Suse Linux 10.1 which features the Apache 2.2.0. That Apache version however includes its own ldap implementation - mod_authnz_ldap. For the life of me, I can't get it to do what I want. Following the modules I loaded and the options I set regarding LDAP: ################### APACHE_MODULES=3D"authz_host actions alias auth_basic authz_groupfile authn_file authz_user autoindex cgi dir include log_config mime negotiation setenvif status userdir asis imagemap authnz_ldap php5 authz_default info authn_alias ldap ldap_module" Options Indexes FollowSymLinks order allow,deny allow from all AuthName "All valid users" AuthType Basic AuthBasicProvider ldap AuthLDAPURL = "ldap://149.232.181.192:389/dc=3Dbanking,dc=3Dnet?sAMAccountName AuthLDAPBindDN "CN=3DExt_Krueger\, = Philipp,OU=3DFrankfurt,DC=3Dbanking,DC=3Dnet" AuthLDAPBindPassword "test1," require valid-user ################### On Windows, I use following config which works: ################### LoadModule auth_ldap_module modules/mod_auth_ldap.dll Options Indexes FollowSymLinks AllowOverride None order allow,deny allow from all AuthAuthoritative On AuthName "Inhouse only" AuthType Basic Bind_Tries 5 LDAP_Debug On LDAP_Protocol_Version 3 LDAP_Server 149.232.181.192 LDAP_Port 389 Base_DN "DC=3DBANKING,DC=3DNET" Bind_DN "CN=3DExt_Krueger\, = Philipp,OU=3DFrankfurt,DC=3Dbanking,DC=3Dnet" Bind_Pass "test1," UID_Attr sn require memberOf = "CN=3DTechnical_Support,OU=3DFrankfurt,DC=3Dbanking,DC=3Dnet" ################### The strange thing about the linux server is that it puts nothing in the error_log when I enter correct id and pass but says auth_ldap authenticate: user 9u23fh9h2f authentication failed; URI /admin/ [User not found][No such object] [Mon Aug 28 15:23:22 2006] [error] [client 127.0.0.1] user 9u23fh9h2f not found: /admin/ When I enter the nonexisting user 9u23fh9h2f. I've been searching for 3 days now and I'm at my wit's end - does anybody have a clue what I'm doing wrong? Thanks in advance, Phil ------_=_NextPart_001_01C6CAA9.D7161E2A Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Mod_authnz_ldap with apache 2.2.0 (suse 10.1)

Hello!

I hope somebody can help me, last week = I've set up an apache 2.0.x on windows and installed the mod_auth_ldap = from http://www.muquit.com/muquit/software/mod_auth_ldap/mod_au= th_ldap_cache.html and I've = managed to get it to work. Now I want to install it on a Linux machine = but it's not so simple…

I'm using Suse Linux 10.1 which = features the Apache 2.2.0. That Apache version however includes its own = ldap implementation - mod_authnz_ldap. For the life of me, I can't get = it to do what I want. Following the modules I loaded and the options I = set regarding LDAP:

###################
APACHE_MODULES=3D"authz_host = actions alias auth_basic authz_groupfile authn_file authz_user autoindex = cgi dir include log_config mime negotiation setenvif status userdir asis = imagemap authnz_ldap php5 authz_default info authn_alias ldap = ldap_module"

<Directory = "/srv/www/htdocs/admin">
Options Indexes FollowSymLinks
order allow,deny
allow from all
AuthName "All valid = users"
AuthType Basic
AuthBasicProvider ldap
AuthLDAPURL = "ldap://149.232.181.192:389/dc=3Dbanking,dc=3Dnet?sAMAccountName
AuthLDAPBindDN = "CN=3DExt_Krueger\, = Philipp,OU=3DFrankfurt,DC=3Dbanking,DC=3Dnet"
AuthLDAPBindPassword = "test1,"
require valid-user
</Directory>
###################
On Windows, I use following config = which works:
###################
LoadModule auth_ldap_module = modules/mod_auth_ldap.dll

<Directory = "C:\Programme\Apache2\htdocs\admin">
Options Indexes FollowSymLinks
AllowOverride None
order allow,deny
allow from all
AuthAuthoritative On
AuthName "Inhouse = only"
AuthType Basic
Bind_Tries 5
LDAP_Debug On
LDAP_Protocol_Version 3
LDAP_Server 149.232.181.192
LDAP_Port 389
Base_DN = "DC=3DBANKING,DC=3DNET"
Bind_DN "CN=3DExt_Krueger\, = Philipp,OU=3DFrankfurt,DC=3Dbanking,DC=3Dnet"
Bind_Pass "test1,"
UID_Attr sn
require memberOf = "CN=3DTechnical_Support,OU=3DFrankfurt,DC=3Dbanking,DC=3Dnet"
</Directory>
###################
The strange thing about the linux = server is that it puts nothing in the error_log when I enter correct id = and pass but says

auth_ldap authenticate: user 9u23fh9h2f = authentication failed; URI /admin/ [User not found][No such = object]
[Mon Aug 28 15:23:22 2006] [error] = [client 127.0.0.1] user 9u23fh9h2f not found: /admin/

When I enter the nonexisting user = 9u23fh9h2f. I've been searching for 3 days now and I'm at my wit's end - = does anybody have a clue what I'm doing wrong?

Thanks in advance,

Phil

------_=_NextPart_001_01C6CAA9.D7161E2A--