Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 46946 invoked from network); 25 Feb 2008 04:06:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 25 Feb 2008 04:06:55 -0000 Received: (qmail 78035 invoked by uid 500); 25 Feb 2008 04:06:40 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 78014 invoked by uid 500); 25 Feb 2008 04:06:40 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 78002 invoked by uid 99); 25 Feb 2008 04:06:40 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 24 Feb 2008 20:06:40 -0800 X-ASF-Spam-Status: No, hits=1.5 required=10.0 tests=SPF_PASS,WEIRD_PORT X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of atstake@gmail.com designates 209.85.146.177 as permitted sender) Received: from [209.85.146.177] (HELO wa-out-1112.google.com) (209.85.146.177) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 25 Feb 2008 04:06:06 +0000 Received: by wa-out-1112.google.com with SMTP id k22so1709849waf.0 for ; Sun, 24 Feb 2008 20:06:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; bh=xoZXBn4NaU1hIAWU7KRh44hgOCVIBByUSJofUaPHq+0=; b=TwGQFVwGGbEUdkXMqz43UsSf0dCQc/bmJYRhgMtSrfPFEAKrsaz10UWU9ZAidPJvHzE6aaZkleQei3k3c2/ulrGfeFgywHcXgJ6cw9DjPPTUWnQ+rpdFLUh+FDKVb20P49P7j1sXeHdgpqrsyodgdYXfIu1kQ9SZZ/RIgfN1pwE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=YI1kKoKMG8oa+j0rxlp28mbjVMGi2KbUZAg+C/aWBvWCj63oeHokLF1AxYVzhJI+HG69+KGZYqWqBbRr7JMUONgHhJliR+8o4SHf1kkPT+Qm9O5xCPCoz9PXVIy+rBLDYK2INqYih0foiSmHYpXkNdwQY3Uz8jKpLAw4U1TeI+Y= Received: by 10.114.195.19 with SMTP id s19mr2879896waf.58.1203912375943; Sun, 24 Feb 2008 20:06:15 -0800 (PST) Received: by 10.114.156.18 with HTTP; Sun, 24 Feb 2008 20:06:15 -0800 (PST) Message-ID: <8adc88580802242006v8cbb85eka1db7f13d27e8c15@mail.gmail.com> Date: Mon, 25 Feb 2008 15:06:15 +1100 From: Chris To: users@httpd.apache.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] ldap/ AD user authentication error I am trying to get Apache 2.2.4 on OpenSUSE 10.3 working with Active Directory (AD) LDAP authentication for users. But everytime I try to login I get a 403 error. I have ldap_module and authnz_ldap_module enabled. And I am trying over both HTTP and HTTPS but the password prompt comes back asking for user name & password again and again. I did a tcpdump and can see packets going to the AD end but nothing is coming back. I have put AllowOverride All in /etc/apache2/default-server.conf and also on /etc/apache2/vhosts.d/vhost-myserver-ssl.conf Here's my /etc/apache2/vhosts.d/vhost-myserver-ssl.conf & /etc/apache2/vhosts.d/vhost-myserver.conf AllowOverride All Options Indexes Order allow,deny Allow from all AuthUserFile /srv/www/htdocs/myserver/secret/.htaccess Here's my /path/to/.htaccess AuthName "Test" AuthType Basic AuthLDAPURL ldap://ad.myorg.org:389/ou=staff,ou=mkt,ou=locations,dc=myorg,dc=org AuthBasicProvider ldap AuthzLDAPAuthoritative off require valid-user Could anyone tell me what I am doing wrong? Any help would be much appreciated. Thanks. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org