httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Schober <>
Subject Re: [users@httpd] apache 2.2 and ldap group authentication
Date Tue, 02 Jun 2009 18:11:23 GMT
* Jeff Shearer <> [2009-06-02 16:32]:
> Over the last 3 days I have played with a number of configurations and 
> executed numerous varieties of searchs.  But to no good.  If you look 
> down to the caption "My Best Result,"  It seems OpenLDAP has made it to 
> the point where it is searching the 2 cn(s).  But the filter error 
> prevents it from finding the uniqueMember.  If you search for 
> "bdb_search: 11 does not match filter" and move up 5 or six lines you 
> will see what makes me believe this.

What's wrong with slapd's default loglevel of 256? Useless noise
you're posting here, IMO. Logging ACLs is especially nonsensical when
binding with the rootdn, as the rootdn is not subject to ACLs, as I
explained in my other email. The default loglevel shows the filter and
scope used, the number of entries being returned, as well as any error
But I don't see a need to post slapd logs here in the first place.
If you don't understand them, this is the wrong list. If you do know
what they mean, you probably have the necessary info to correct your
AuthLDAPurl directive.

Maybe try constructing the necessary parts of the LDAPurl with the
ldapsearch command line client first. One you get that working (which
means you must understand all the parts: search base, scope, filter,
attributes requested, etc.) put them together to a complete LDAPurl
(per the RFC and possiby httpd docs).


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message