Hello Cato: First , i must say "Thank you for ur help" :-)
You got me a very useful advices and you are right ! when i use command line search without (-D "uid=tester,dc=ezplay,dc=tv") its have NOT search any entry in my ldap.....result as follow: ==================== ldapsearch -W -x -h localhost -b "dc=ezplay,dc=tv" '(&(objectclass=*)(uid=axa.cheng))' Enter LDAP Password: version: 2 # # filter: (&(objectclass=*)(uid=axa.cheng)) # requesting: ALL # # search result search: 2 result: 0 Success # numResponses: 1 ^^^^^^^^^^^^^^^^^ no more "numEntries" entry above..........y____y Anyway, could u explain ur advice that "Try doing the command line search without the -D parameter. If you get no match, you may look at the access rights to your directory." Sorry, i dont know which "access rights to your directory" that i need to check ? Apache RootDocument directory permission??? or .htaccess or slapd.conf or whatever??? BTW , i have tried use .htpasswd + .htaccess to restrict web WITHOUT ldap+.htaccess! IT IS WORKING! i CAN use legal account to pass through .htaccess authenication ● Non-ldap .htaccess as follow: AuthType Basic AuthName "NON LDAP testing" AuthUserFile /var/www/admin/.htpasswd <Limit GET POST> order deny,allow deny from all allow from all require valid-user </Limit> Do You want more configuration or information in my OpenLDAP server ??? Feel free to let me knows, i would provide it to u.... :-) > Hello, > > your problem seems to be that when Apache is doing the LDAP search, it > does not get any match, while when you are doing a command line search, > you get one match. > > One difference between the searches is that you specify a user which is > used to bind to the LDAP directory (-D "uid=tester,dc=ezplay,dc=tv"), > while Apache doesn't bind as a specific user. > Try doing the command line search without the -D parameter. If you get > no match, you may look at the access rights to your directory. > > Regards, > > Cato Aune -- Trust & Unique ... axacheng <[EMAIL PROTECTED]>