You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by parminder gupta <gu...@gmail.com> on 2008/09/17 17:29:52 UTC
[users@httpd] LDAP authentication - search depth
Hello,
I am trying to get my Apache/Subversion server running on Linux
authenticate users on Windows Active Directory using LDAP. Server
information is as below:
Apache: 2.2.3
Subversion: 1.5.1
Linux: CentOS 5.2 (kernel 2.6.18-92.1.10.el5)
The LDAP structure of my company looks like below:
DC=example,DC=com
|
|--OU=Location1
| |
| |--OU=Everyone in Location1
|
|--OU=Location2
| |
| |--OU=Everyone in Location2
|
|--OU=Location3
| |
| |--OU=Everyone in Location3
This the relavant part of my config file:
<Location /svn>
DAV svn
SVNListParentPath on
SVNParentPath /var/www/subversion/
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative off
AuthName "CIS Subversion Server"
AuthLDAPURL
"ldap://ldap-server/ou=Location1,dc=example,dc=com?sAMAccountName?sub?(objectClass=*)"
NONE
AuthLDAPBindDN "user@example.com"
AuthLDAPBindPassword "secretpassword"
require valid-user
Allow from all
</Location>
I can authenticate users when I specify:
AuthLDAPURL "ldap://ldap-server/ou=Location1,dc=example,dc=com?sAMAccountName?sub?(objectClass=*)"
NONE
But cannot when I do this:
AuthLDAPURL "ldap://ldap-server/dc=example,dc=com?sAMAccountName?sub?(objectClass=*)"
NONE
Is there a certain depth in LDAP tree beyond which mod_authnz_ldap
will not search? Any help is greatly appreciated.
Thanks,
Parminder
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org