[Auth_ldap] [bits] Re: LDAP Alterations for Apache different.
Brook Hurd
brookh at bitslv.com
Tue Apr 11 15:28:52 PDT 2006
Sorry about the late reply, but I still cannot find the issue. It will not
see the userids using cn or uid. They are there, any idea why?
My LDAP structure is the following:
Root: cn=perlmanarchitects,cn=com
cn=Manager
ou=Development
ou=employees
ou=administrators
cn=userids
ou=LasVegas
cn=userids
...
ou=directors
cn=userids
...
..
ou=administrator
..
Here is the reference from the error log:
[Tue Apr 11 14:59:29 2006] [warn] [client 24.234.147.131] [25804] auth_ldap
authenticate: user brookh authentication failed; URI
/intranet/directors/index.jsp [ldap_search_ext_s() for user failed][No such
object], referer: http://www.perlmandesigngroup.com/intranet/index.php
Here is the latest code:
Order allow,deny
AuthType Basic
AuthName "MyAuth"
AuthLdapAuthoritative off
AuthLdapEnabled on
AuthLDAPURL ldap://localhost:389/ou=administrators,dc=permanarchitects,dc=com?cn?sub
require valid-user
satisfy any
_____
Brook Hurd
Vice President
Binary IT Solutions, Inc.
800 N. Rainbow Blvd. Suite 216
Las Vegas, NV 89107
(702) 233-BITS (2487) - Office
(702) 204-8913 - Cell
(702) 243-BITS (2487) - Fax
http://www.bitslv.com
brookh at bitslv.com
_____
From: Brady Bellinger [mailto:brady.bellinger at gmail.com]
Sent: Saturday, March 18, 2006 5:23 PM
To: Brook Hurd
Subject: [bits] Re: [Auth_ldap] LDAP Alterations for Apache different.
Actually this list is for the Apache 1.3 auth_ldap module.
Does Apache start up? Are there any messages in the error log? Usually if
the ldap mod gets choked up it will log there.
Brady
On 3/18/06, Brook Hurd <brookh at bitslv.com> wrote:
I have been using LDAP on an older system for years now. I also installed
the mod required to allow LDAP to be used as http authentication. It works
great on the old server Redhat ES3 but not on the new server Redhat ES4. I
installed LDAP, LDAP server and the apache mod. I can verify things are
working, but I cannot get it to read the database properly. I discovered
first that the syntax had changed, but I cannot see the specifics on what
alterations I need to do to make LDAP authentication run as before. Below
is the code from my previous install along with my most recent attempt. Can
anyone help me clean up this code?
Apache had some limited documentation at:
http://httpd.apache.org/docs/2.0/mod/mod_auth_ldap.html
Unfortunately, it lacked specifics.
Before:
AuthType Basic
AuthName "MyAuth"
AuthzLDAPEngine On
AuthzLDAPAuthoritative On
AuthzLDAPSetAuthorization On
AuthzLDAPServer 'localhost:389'
AuthzLDAPLogLevel debug
AuthzLDAPBindDN 'cn=Manager,dc=perlmanarchitects,dc=com'
AuthzLDAPUserKey cn
AuthLDAPBindDN "cn=Manager,dc=perlmanarchitects,dc=com"
AuthzLDAPUserBase 'ou=employees,ou=Development,dc=perlmanarchitects,dc=com'
#######Comment out next line to restrict to one level
AuthzLDAPUserScope subtree
require valid-user
satisfy any
After:
AuthType Basic
AuthName "MyAuth"
AuthLdapAuthoritative on
AuthLdapEnabled on
AuthLDAPURL ldap://localhost/ou=directors,ou=Development?cn?sub
require valid-user
satisfy any
Thank you,
--
----------------------------------------------
brady at bradybellinger dot com
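
Added example, not part of the original thread: "No such object" is LDAP result code 32, which a server returns when the search base DN does not exist, so one check is whether the base DN in each AuthLDAPURL ends in the directory's suffix. The code assumes the suffix is the dc=perlmanarchitects,dc=com used in the "Before" configuration; the function names are hypothetical and the third URL is constructed from the "Before" AuthzLDAPUserBase.

```python
from urllib.parse import urlsplit, unquote


def parse_dn(dn):
    """Split a DN into lower-cased (attr, value) RDNs. Escaped commas are not handled."""
    return [tuple(p.strip().lower() for p in rdn.split("=", 1))
            for rdn in dn.split(",") if rdn.strip()]


def parse_auth_ldap_url(url):
    """Break ldap://host:port/basedn?attribute?scope?filter into its fields."""
    parts = urlsplit(url)
    attribute, scope, flt = (parts.query.split("?") + ["", "", ""])[:3]
    return {"host": parts.hostname, "port": parts.port or 389,
            "base": unquote(parts.path.lstrip("/")),
            "attribute": attribute, "scope": scope, "filter": flt}


def check_base(url, suffix):
    """Return the reasons the URL's search base cannot sit under the given suffix."""
    base = parse_dn(parse_auth_ldap_url(url)["base"])
    want = parse_dn(suffix)
    if base[-len(want):] == want:
        return []
    if len(base) < len(want) or base[-1] != want[-1]:
        return [f"base DN does not end in {suffix}"]
    # Same depth and same top-level RDN: report each RDN that differs.
    return [f"{'='.join(got)} != {'='.join(exp)}"
            for got, exp in zip(base[-len(want):], want) if got != exp]


# Assumption: suffix taken from the bind DN in the "Before" configuration.
SUFFIX = "dc=perlmanarchitects,dc=com"
LATEST = "ldap://localhost:389/ou=administrators,dc=permanarchitects,dc=com?cn?sub"
AFTER = "ldap://localhost/ou=directors,ou=Development?cn?sub"
# Constructed: the "Before" AuthzLDAPUserBase written as an AuthLDAPURL.
BEFORE_STYLE = ("ldap://localhost:389/ou=employees,ou=Development,"
                "dc=perlmanarchitects,dc=com?cn?sub")

if __name__ == "__main__":
    for name, url in (("latest", LATEST), ("after", AFTER),
                      ("before-style", BEFORE_STYLE)):
        print(name, check_base(url, SUFFIX) or "base is under the suffix")
```

The same check can be made against the live directory by running a base-scope search on the URL's base DN with the server's own client tools and confirming the entry is returned.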