httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patricia A Moss <pmo...@csc.com>
Subject Re: [users@httpd] Group authentication to AD
Date Fri, 19 Nov 2010 15:16:59 GMT
>requirements are OR'ed in 2.2.x.  Remove valid-user.

That was one of the tests that I attempted and posted:
2. If I remove "Require valid-user" then I receive an error when 
attempting access the repository and the error.log is as follows:
[Mon Nov 15 14:38:15 2010] [debug] mod_authnz_ldap.c(377): [client 
20.8.xxx.18x] [27994] auth_ldap authenticate: using URL 
ldap://server.domain.com:3268/DC=domain,DC=com?samAccountName?sub?(objectCategory=person)
[Mon Nov 15 14:38:15 2010] [debug] mod_authnz_ldap.c(474): [client 
20.8.xxx.18x] [27994] auth_ldap authenticate: accepting pmoss
[Mon Nov 15 14:38:15 2010] [crit] [client 20.8.232.187] configuration 
error:  couldn't check access.  No groups file?: /test_repo/


PATI MOSS
System Engineer Sr. Professional
CSC



From:
Eric Covener <covener@gmail.com>
To:
users@httpd.apache.org
Date:
11/19/2010 10:09 AM
Subject:
Re: [users@httpd] Group authentication to AD



> I have require ldap-filters configured in my location block, but it is 
not filtering.  It is still letting any valid userid through.
> My location block is configured as below:
> Require valid-user
> Require ldap-group CN=Active_Directory Group 
Name,OU=U.S.,OU=Groups,DC=domain,DC=com

requirements are OR'ed in 2.2.x.  Remove valid-user.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




Mime
View raw message