httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <>
Subject Re: [users@httpd] LDAP authentication against an Active Directory server
Date Mon, 19 May 2008 23:52:27 GMT
On Mon, May 19, 2008 at 7:14 PM, David Dyer-Bennet
<> wrote:

> Then I see *another* search for the same user record, which fails with
> an error saying a bind must be done first ("errorMessage: 00000000:
> LdapErr: DSID-0C090627, comment: In order to perform this operation a
> successful bind must be completed on the connection., data 0, vece").

When you point a regular LDAP client at AD, it sees a bunch of noisy
referrals. Many LDAP clients won't just volunteer to pass on the
credentials you specified for the initial search onto these referrals,
for good reason.

MS provides a daemon called Active Directory Application Mode (ADAM)
that flattens the entire LDAP topology into a single server, for use
by traditional clients. The other alternative is to point Apache at
the "global catalog" port on the AD system -- this also avoids the

Eric Covener

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message