Return-Path: 
 <users-return-108279-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
X-Original-To: apmail-httpd-users-archive@www.apache.org
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id EB82010C44
	for <apmail-httpd-users-archive@www.apache.org>;
 Thu,  9 Jan 2014 17:30:31 +0000 (UTC)
Received: (qmail 4421 invoked by uid 500); 9 Jan 2014 17:29:07 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 4050 invoked by uid 500); 9 Jan 2014 17:28:57 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 3956 invoked by uid 99); 9 Jan 2014 17:28:53 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Jan 2014 17:28:53 +0000
X-ASF-Spam-Status: No, hits=-0.1 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_MED,SPF_PASS,WEIRD_PORT
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: local policy includes SPF record at
 spf.trusted-forwarder.org)
Received: from [74.125.149.209] (HELO na3sys009aog113.obsmtp.com)
 (74.125.149.209)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 09 Jan 2014 17:28:45 +0000
Received: from mail-qe0-f51.google.com ([209.85.128.51]) (using TLSv1) by
 na3sys009aob113.postini.com ([74.125.148.12]) with SMTP
	ID DSNKUs7cOAdd2L3QWdISiNo1yBmf7k/OnaHY@postini.com;
 Thu, 09 Jan 2014 09:28:25 PST
Received: by mail-qe0-f51.google.com with SMTP id 1so3510932qee.10
        for <users@httpd.apache.org>; Thu, 09 Jan 2014 09:28:23 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:date:message-id:subject:from:to
         :content-type;
        bh=2q5exQTFFhIFakyOn8uBKA2CAwAf/w1hezmkMNNjTio=;
        b=TAoPh8advLKZLaf8bVDhJIfd7VK7M/1MzspW9YFDUbnUkonqqYsEdfs+M437HyuBNN
         dkQN1DkuSI0c5yJBdVGzEnEc6w0js5TbI1rufhUmZY3tBIBZS1gHf/cSimBhF62ExV1v
         1tXpLA4CeXJJimPe55hDhOHm6abNUZ3E6/YXkezCAWTqq+LO9RAvBe9H+/7phRX65TzT
         QHbpYL2hxEM6WMaYjrfOOzOvtw/NV43RRMeexC/6QKPfHRfidyftfsujeATqWcK39hdU
         Lghp6TkHqsGpWtEhf6XOk2GCk1V6vG8EMTxcj9TUaW8jTuCcAI1GS39E5jyuij+SArNp
         5CaA==
X-Gm-Message-State: 
 ALoCoQlWo3L/KRm1kQc8CF85QGHY3xGmJBAx723FT+7eL9zbk37opNk4ase19C9GMjQt4GkRsXI14fJJrbYajx8VViIsH9sWnKUXym81lTspbnm3rIuSwUpkuLHrp1UsiOD1C3erHqzUqV72BDpSuu8aOr2t5FnmWmQLOhym67imX8QZ3c1/aD4=
X-Received: by 10.49.1.10 with SMTP id 10mr10029053qei.6.1389288503410;
        Thu, 09 Jan 2014 09:28:23 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.49.1.10 with SMTP id 10mr10029042qei.6.1389288503332; Thu,
 09 Jan 2014 09:28:23 -0800 (PST)
Received: by 10.224.135.4 with HTTP; Thu, 9 Jan 2014 09:28:23 -0800 (PST)
Date: Thu, 9 Jan 2014 11:28:23 -0600
Message-ID: 
 <CAE0O7AhXpDFA90HyvRBLrbxova1TdVzB8LDV9WE+JmNC_1Zm7w@mail.gmail.com>
From: Rob Yamry <ryamry@kimberly.k12.wi.us>
To: users@httpd.apache.org
Content-Type: multipart/alternative; boundary=047d7b5db592bb6c4904ef8cefeb
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: [users@httpd] Cannot authentication locally when LDAP is unavailable

--047d7b5db592bb6c4904ef8cefeb
Content-Type: text/plain; charset=ISO-8859-1

Hello-
  Im having a problem where local authentication will not work when when
the configured LDAP server is unavailble.  When the ldap server is online I
can authenticate fine against ldap and local file.  However, when the ldap
server is offline, I cannot authenticate with the user1 account.

Id appreciate any help you could provide.  Ive searched a lot on this and
found many examples, all very similar to my config below, but I still
cannot failback authentication to local file when ldap is unavailable.  Im
running Apache/2.2.10

AuthName "Server Access"
AuthType Basic
# Check ldap auth first, then file auth
AuthBasicProvider file ldap
AuthUserFile /etc/apache2/htpasswd
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://
ldap.domain.com:389/OU=Users,DC=domain,DC=com?sAMAccountName
AuthLDAPBindDN "domain\ldap_user"
AuthLDAPBindPassword password
AuthLDAPGroupAttributeIsDN off

Require user user1
Require ldap-attribute memberOf=CN=groupName,DC=domain,DC=com

--047d7b5db592bb6c4904ef8cefeb
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div>Hello-</div><div>=A0 Im having a problem where local =
authentication will not work when when the configured LDAP server is unavai=
lble. =A0When the ldap server is online I can authenticate fine against lda=
p and local file. =A0However, when the ldap server is offline, I cannot aut=
henticate with the user1 account.</div>
<div><br></div><div>Id appreciate any help you could provide. =A0Ive search=
ed a lot on this and found many examples, all very similar to my config bel=
ow, but I still cannot failback authentication to local file when ldap is u=
navailable. =A0Im running Apache/2.2.10</div>
<div><br></div><div><div>AuthName &quot;Server Access&quot;</div><div>AuthT=
ype Basic</div><div># Check ldap auth first, then file auth</div><div>AuthB=
asicProvider file ldap</div><div>AuthUserFile /etc/apache2/htpasswd</div>
<div>AuthzLDAPAuthoritative off<br></div><div>AuthLDAPURL ldap://<a href=3D=
"http://ldap.domain.com:389/OU=3DUsers,DC=3Ddomain,DC=3Dcom?sAMAccountName"=
>ldap.domain.com:389/OU=3DUsers,DC=3Ddomain,DC=3Dcom?sAMAccountName</a><br>=
</div><div>
AuthLDAPBindDN &quot;domain\ldap_user&quot;</div><div>AuthLDAPBindPassword =
password</div><div>AuthLDAPGroupAttributeIsDN off</div><div><br></div><div>=
Require user user1</div><div>Require ldap-attribute memberOf=3DCN=3DgroupNa=
me,DC=3Ddomain,DC=3Dcom</div>
</div><div><br></div>
</div>

--047d7b5db592bb6c4904ef8cefeb--