You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Ronald Verlaan <ro...@metisit.com> on 2014/12/19 09:40:32 UTC

[users@httpd] apache ldap issue

Hi all,


I am trying to use ldap to have users authenticate when accessing nagios (webbased monitoring tool) in their webbrowser.


When accessing nagios the browser responds with a popup window, asking for credentials (username, password). Authentication then fails.


Error in /var/log/httpd/error.log:

[Thu Dec 18 16:43:42 2014] [debug] mod_authnz_ldap.c(432): [client 192.168.112.196] [12830] auth_ldap authenticate: using URL ldap://ad.blue.local/dc=blue,dc=local?sAMAccountName
[Thu Dec 18 16:43:42 2014] [info] [client 192.168.112.196] [12830] auth_ldap authenticate: user ronald authentication failed; URI /nagios/ [ldap_search_ext_s() for user failed][Operations error]


This on Centos 6.6, using apache 2.2.15

Webbrowser used is firefox and/or chrome.


Contents of /etc/httpd/conf.d/authz_ldap.conf:


LogLevel debug
LoadModule authz_ldap_module modules/mod_authz_ldap.so
<IfModule mod_authz_ldap.c>
   <Location /nagios>
   AuthBasicProvider ldap
   AuthLDAPURL "ldap://ad.blue.local/dc=deepocean,dc=local?sAMAccountName" NONE
   AuthzLDAPAuthoritative on
   AuthLDAPBindDN "nagiosadmin@blue.local"
   AuthLDAPBindPassword "7f7g67d6s"
      AuthType Basic
      AuthName "Nagios Access"
      require valid-user
   </Location>
</IfModule>


I am stuck now and don't know how to troubleshoot any further.

Using ldapsearch the user ronald is found in ldap!

Any help would be appreciated!

Met vriendelijke groet,

Ronald Verlaan
----------------------------------------------------------------------------
Metis IT B.V.
Kalfjeslaan 70 | 2623 AJ | Delft | www.metisit.com
----------------------------------------------------------------------------
Telefoon +31 15 737 00 12 | Mobiel +31 6 42 50 80 65
E-mail ronald.verlaan@metisit.com | KvK 34247070
----------------------------------------------------------------------------
Dit bericht kan informatie bevatten die niet voor u bestemd is. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. Metis IT B.V. aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.