You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Marco Strullato <ma...@gmail.com> on 2008/03/18 11:47:32 UTC
[users@httpd] AuthLDAPURL and object not found
Hi all, I'm trying to authenticate users with ldap. I added to
httpd.confthe following lines
<Location "/4.4">
AuthType Basic
AuthName "Secure Area"
AuthzLDAPAuthoritative On
AuthBasicProvider ldap
AuthLDAPURL
"ldap://<server>:<port>/<base_dn>?uid??(objectClass=account)"
AuthLDAPBindDN "cn=Directory Manager"
AuthLDAPBindPassword "<password>"
Require valid-user
</Location>
but I cannot authenticate: I get
[Tue Mar 18 10:56:23 2008] [debug] mod_authnz_ldap.c(373): [client 10.0.1.13]
[3871] auth_ldap authenticate: using URL
ldap://<server>:<port>/<base_dn>?uid??(objectClass=account)
[Tue Mar 18 10:56:23 2008] [warn] [client 10.0.1.13] [3871] auth_ldap
authenticate: user <USER> authentication failed; URI /4.4
[ldap_search_ext_s() for user failed][No such object]
[Tue Mar 18 10:56:23 2008] [error] [client 10.0.1.13] user <USER> not found:
/4.4
This is a typical ldif I use:
dn: uid=<UID>,<BASE_DN>
uid: <UID>
modifyTimestamp: 20070910071722Z
modifiersName: cn=directory manager
sudoUser: ALL
sudoRunAs: root
sudoOption: ALL
sudoCommand: ALL
sudoHost: ALL
sshPublicKey: 0000000000000000000
objectClass: top
objectClass: posixaccount
objectClass: shadowaccount
objectClass: hostobject
objectClass: account
objectClass: sudorole
objectClass: ldappublickey
host: <HOSTNAME>
uidNumber: 585
cn: <CN>
loginShell: /bin/bash
gidNumber: 100
homeDirectory: /home/<UID>
userPassword: {SSHA}<PASSWORD>
creatorsName: cn=directory manager
gecos: <GECOS>
Do you suggest me how to change the AuthLDAPURL?
Thanks
Marco Strullato
[users@httpd] Re: AuthLDAPURL and object not found
Posted by Marco Strullato <ma...@gmail.com>.
However, if I do an ldapsearch with the same filter I get a match... I mean
I dumped the traffic and I saw the exact query... using that query with
ldapsearch I get the match,
2008/3/18, Marco Strullato <ma...@gmail.com>:
>
> Hi all, I'm trying to authenticate users with ldap. I added to httpd.confthe following lines
>
> <Location "/4.4">
> AuthType Basic
> AuthName "Secure Area"
> AuthzLDAPAuthoritative On
> AuthBasicProvider ldap
> AuthLDAPURL
> "ldap://<server>:<port>/<base_dn>?uid??(objectClass=account)"
> AuthLDAPBindDN "cn=Directory Manager"
> AuthLDAPBindPassword "<password>"
> Require valid-user
> </Location>
>
> but I cannot authenticate: I get
> [Tue Mar 18 10:56:23 2008] [debug] mod_authnz_ldap.c(373): [client
> 10.0.1.13] [3871] auth_ldap authenticate: using URL
> ldap://<server>:<port>/<base_dn>?uid??(objectClass=account)
> [Tue Mar 18 10:56:23 2008] [warn] [client 10.0.1.13] [3871] auth_ldap
> authenticate: user <USER> authentication failed; URI /4.4
> [ldap_search_ext_s() for user failed][No such object]
> [Tue Mar 18 10:56:23 2008] [error] [client 10.0.1.13] user <USER> not
> found: /4.4
>
> This is a typical ldif I use:
>
> dn: uid=<UID>,<BASE_DN>
> uid: <UID>
> modifyTimestamp: 20070910071722Z
> modifiersName: cn=directory manager
> sudoUser: ALL
> sudoRunAs: root
> sudoOption: ALL
> sudoCommand: ALL
> sudoHost: ALL
> sshPublicKey: 0000000000000000000
> objectClass: top
> objectClass: posixaccount
> objectClass: shadowaccount
> objectClass: hostobject
> objectClass: account
> objectClass: sudorole
> objectClass: ldappublickey
> host: <HOSTNAME>
> uidNumber: 585
> cn: <CN>
> loginShell: /bin/bash
> gidNumber: 100
> homeDirectory: /home/<UID>
> userPassword: {SSHA}<PASSWORD>
> creatorsName: cn=directory manager
> gecos: <GECOS>
>
>
>
> Do you suggest me how to change the AuthLDAPURL?
>
>
> Thanks
>
>
> Marco Strullato
>
>