Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 53539 invoked from network); 3 Jan 2011 18:24:07 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 3 Jan 2011 18:24:07 -0000 Received: (qmail 52830 invoked by uid 500); 3 Jan 2011 18:24:03 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 52767 invoked by uid 500); 3 Jan 2011 18:24:03 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 52759 invoked by uid 99); 3 Jan 2011 18:24:02 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jan 2011 18:24:02 +0000 X-ASF-Spam-Status: No, hits=-2.3 required=10.0 tests=RCVD_IN_DNSWL_MED,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: local policy) Received: from [216.82.241.83] (HELO mail37.messagelabs.com) (216.82.241.83) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jan 2011 18:23:53 +0000 X-VirusChecked: Checked X-Env-Sender: DLONG@Lynden.com X-Msg-Ref: server-3.tower-37.messagelabs.com!1294079009!65066373!4 X-StarScan-Version: 6.2.9; banners=-,-,- X-Originating-IP: [12.144.241.11] Received: (qmail 2842 invoked from network); 3 Jan 2011 18:23:31 -0000 Received: from mailgw01.lynden.com (HELO LISHUBCAS1.Lynden.com) (12.144.241.11) by server-3.tower-37.messagelabs.com with AES128-SHA encrypted SMTP; 3 Jan 2011 18:23:31 -0000 Received: from LISMBX1.Lynden.com ([fe80::c8c4:8552:8db4:8ad]) by LISHUBCAS1.Lynden.com ([2002:8001:a52::8001:a52]) with mapi; Mon, 3 Jan 2011 10:23:31 -0800 From: David Long To: "users@httpd.apache.org" Date: Mon, 3 Jan 2011 10:23:29 -0800 Thread-Topic: FW: [users@httpd] help on compile 2.2.17 with ldap support Thread-Index: AcuoXYt5lq2abw3WTVqIbEHZnJWpFwDFaxBQ Message-ID: References: <4D18E3B4.1060803@kippdata.de><4D190FBC.6090605@kippdata.de><4D1A545C.5000008@kippdata.de> <4D1CE6F9.7080802@kippdata.de> In-Reply-To: <4D1CE6F9.7080802@kippdata.de> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org Subject: RE: FW: [users@httpd] help on compile 2.2.17 with ldap support Thanks Rainer, I will start a new discussion about ldap authentication. David Long -----Original Message----- From: Rainer Jung [mailto:rainer.jung@kippdata.de]=20 Sent: Thursday, December 30, 2010 12:09 PM To: users@httpd.apache.org Subject: Re: FW: [users@httpd] help on compile 2.2.17 with ldap support Hi David, I'm not an LDAP expert. I suggest now that it seems the compilation=20 worked fine and ldao is in place, you start a new discussion thread=20 about how to use ldap authentication. Please provide your configuration and th below error messages when=20 starting that discussion. Regards, Rainer On 30.12.2010 18:10, David Long wrote: > Hi Rainer, > I followed those two document and corrected my configuration. > Now http started fine. But when I hit the restricted folder. I still got = error. > Here is my error_log, parser fine but ldap initialization failed. How do = I test my apache ldap function? Or do I need to recompile my apr-util? > > [Wed Dec 29 15:37:12 2010] [debug] mod_authnz_ldap.c(1010): [293] auth_ld= ap url parse: `ldap://128.1.10.243:389/ou=3Dpeople,dc=3Dlynden,dc=3Dcom?uid= ?sub?(objectClass=3DorganizationalPerson)', Host: 128.1.10.243:389, Port: 3= 89, DN: ou=3Dpeople,dc=3Dlynden,dc=3Dcom, attrib: uid, scope: subtree, filt= er: (objectClass=3DorganizationalPerson), connection mode: not using SSL > [Wed Dec 29 15:37:12 2010] [debug] mod_authnz_ldap.c(403): [client 12.171= .37.10] [293] auth_ldap authenticate: using URL ldap://128.1.10.243:389/ou= =3Dpeople,dc=3Dlynden,dc=3Dcom?uid?sub?(objectClass=3DorganizationalPerson) > [Wed Dec 29 15:37:12 2010] [info] [client 12.171.37.10] [293] auth_ldap a= uthenticate: user dlong authentication failed; URI /EMU [LDAP: ldap initial= ization failed][Unknown error] > > Thanks > David Long > > -----Original Message----- > From: Rainer Jung [mailto:rainer.jung@kippdata.de] > Sent: Tuesday, December 28, 2010 1:19 PM > To: users@httpd.apache.org > Subject: Re: FW: [users@httpd] help on compile 2.2.17 with ldap support > > On 28.12.2010 20:15, David Long wrote: >> Hi Rainer, >> I downloaded apr 1.4.2 and apr-util 1.3.10 >> For apr 1.4.2, I did "configure --prefix=3D/www/apache2/apr-httpd/" >> For apr util 1.3.10, I did "configure --prefix=3D/www/apache2/apr-util-h= ttpd/ --with-apr=3D/www/apache2/apr-httpd/ --with-ldap" >> >> For httpd-2.2.17 >> configure \ >> "--prefix=3D/www/apache2" \ >> "--with-apr=3D/www/apache2/apr-httpd/" \ >> "--with-apr-util=3D/www/apache2/apr-util-httpd/" \ >> "--enable-so" \ >> "--enable-proxy" \ >> "--enable-ssl" \ >> "--enable-deflate" \ >> "--enable-rewrite" \ >> "--enable-headers" \ >> "--enable-cgid" \ >> "--enable-ldap" \ >> "--enable-authnz-ldap" \ >> "$@" >> >> All compiled and installed fine. >> >> But I got error when I started http, >> # bin/apachectl start >> Syntax error on line 115 of /www/apache2/conf/sites-enabled/www.lynden.c= om.conf: >> Invalid command 'LDAP_Server', perhaps misspelled or defined by a module= not included in the server configuration > > That's true, there is no configuration directive named "LDAP_Server". > >> I had line like "LDAP_Server 128.1.10.243" in config file. > > So that is a configuration error. > > See > > http://httpd.apache.org/docs/2.2/en/mod/mod_ldap.html > > and > > http://httpd.apache.org/docs/2.2/en/mod/mod_authnz_ldap.html > >> I checked "util_ldap.c" is in the httpd -l listing >> # /www/apache2/bin/httpd -l >> Compiled in modules: >> core.c >> mod_authn_file.c >> mod_authn_default.c >> mod_authz_host.c >> mod_authz_groupfile.c >> mod_authz_user.c >> mod_authnz_ldap.c >> mod_authz_default.c >> mod_auth_basic.c >> mod_include.c >> mod_filter.c >> mod_deflate.c >> util_ldap.c > > Correct. This is (unfortunately) the name of mod_ldap when compiled in > statically. > >> mod_log_config.c >> mod_env.c >> mod_headers.c >> mod_setenvif.c >> mod_version.c >> mod_proxy.c >> mod_proxy_connect.c >> mod_proxy_ftp.c >> mod_proxy_http.c >> mod_proxy_scgi.c >> mod_proxy_ajp.c >> mod_proxy_balancer.c >> mod_ssl.c >> prefork.c >> http_core.c >> mod_mime.c >> mod_status.c >> mod_autoindex.c >> mod_asis.c >> mod_cgi.c >> mod_cgid.c >> mod_negotiation.c >> mod_dir.c >> mod_actions.c >> mod_userdir.c >> mod_alias.c >> mod_rewrite.c >> mod_so.c >> >> But there is no mod_ldap.so module in apache libexec or modules director= ies > > Check the timestamps of the files in the libexec directoy. I expect all > of them are older than the installation and they do not belong to your > new installation. You compiled the modules staticaly, so they are built > into the httpd binary, not as separate loadable module files. By default > Apache installs all modules into a directory named modules. The name > "libexec" was used long ago only for Apache 1.3 (and older). The modules > below are not for Apache 1.3 but might be left overs from some other > Apche 2.0 installation (e.g. mod_perl and mod_auth_gs do not come > bundled with Apache). > >> # ls /www/apache2/libexec >> httpd.exp mod_dir.so mod_proxy.so >> mod_access.so mod_disk_cache.so mod_proxy_connect.so >> mod_actions.so mod_env.so mod_proxy_ftp.so >> mod_alias.so mod_expires.so mod_proxy_http.so >> mod_asis.so mod_ext_filter.so mod_rewrite.so >> mod_auth.so mod_file_cache.so mod_setenvif.so >> mod_auth_anon.so mod_headers.so mod_speling.so >> mod_auth_dbm.so mod_imap.so mod_ssl.so >> mod_auth_digest.so mod_include.so mod_status.so >> mod_auth_gss.so mod_info.so mod_suexec.so >> mod_autoindex.so mod_log_config.so mod_unique_id.so >> mod_cache.so mod_log_forensic.so mod_userdir.so >> mod_cern_meta.so mod_mem_cache.so mod_usertrack.so >> mod_cgi.so mod_mime.so mod_version.so >> mod_dav.so mod_mime_magic.so mod_vhost_alias.so >> mod_dav_fs.so mod_negotiation.so >> mod_deflate.so mod_perl.so >> >> Can you or someone tell me what is missing? > > I'd say nothing is missing, but your configuration is wrong. > > Regards, > > Rainer --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org