[Auth_ldap] mod_auth_ldap AD 2k3 error

Shawn core at enodev.com
Tue Mar 8 06:14:41 PST 2005 

Try specifying the global catalog port on the 2k3 server.

I didn't scan your config for mistakes, but I had trouble with 2k3, I
think because it was a mixed domain (2000/2003).

Otherwise, sniff packets and show folks the conversation between
auth_}ldap and your ldap.

On Tue, 2005-03-08 at 12:09 +0100, Emmanuel SCIEUR wrote:
> I have a Windows 2003 AD, Apache 1.3.33 and auth-ldap_1.6.0-8,
> 
> If I try to get /nagios/cgi-bin/status.cgi
> I have the error message:
> 
> LDAP search for (&(objectClass=user)(sAMAccountName=<user>)) failed: LDAP
> error: Operations error; URI /nagios/cgi-bin/status.cgi
> 
> And if I try to get /usr/share/nagios/htdocs/index.html All is right.
> 
> My configuration is:
> 
> <DirectoryMatch /usr/lib/cgi-bin/nagios>
>         Options ExecCGI
>  
>         AllowOverride AuthConfig
>         Order Allow,Deny
>         Allow From All
>         AuthLDAPAuthoritative off
>         AuthLDAPURL
> ldap://<server>.<domain>.eseo.fr:389/dc=<domain>,dc=eseo,dc=fr?sAMAccountNam
> e?sub?(objectClass=user)
>         AuthLDAPBindDN cn=<user>,dc=<domain>,dc=eseo,dc=fr
>         AuthLDAPBindPassword xxxxxxxx
>         AuthName "Nagios Access"
>         AuthType Basic
>         require valid-user
>         AuthUserFile /nagios/htpasswdnagios.users
> </DirectoryMatch>
> <DirectoryMatch /usr/share/nagios/htdocs>
> Options FollowSymLinks
>         AllowOverride AuthConfig
>         Order Allow,Deny
>         Allow From All
>         AuthLDAPAuthoritative off
>         AuthLDAPURL
> ldap://<server>.<domain>.eseo.fr:389/OU=admins,DC=<domain>,DC=eseo,DC=fr?sAM
> AccountName?sub?(objectClass=user)
>         AuthLDAPBindDN cn=<user>,dc=<domain>,dc=eseo,dc=fr
>         AuthLDAPBindPassword xxxxxxxx
> 
>         AuthName "Nagios Access"
>         AuthType Basic
>         require valid-user
>         AuthUserFile /nagios/htpasswdnagios.users
> </DirectoryMatch>
> 
> Best regards,
> -------------------------------------------
> Emmanuel SCIEUR - IT Department
> ESEO
> 4, rue Merlet de la Boulaye
> BP30926 - 49009 Angers Cedex 1 - FRANCE
> Email: emmanuel.scieur at eseo.fr
> -------------------------------------------
> 
> 
> 
> _______________________________________________
> Auth_ldap mailing list
> Auth_ldap at rudedog.org
> http://www.rudedog.org/mailman/listinfo/auth_ldap
>

More information about the Auth_ldap mailing list