RE: [users@httpd] LDAP Authorization with Active Directory
I should be more clear. When I load the following modules: LoadModule ldap_module modules/util_ldap.so LoadModule auth_ldap_module modules/mod_auth_ldap.so Apache crashes in two cases: when I try to authenticate, and when I try to shut down the server. I'll try your tip with the [EMAIL PROTECTED], but honestly there's something up because even if I don't try to login, Apache crashes on shutdown when those above two modules are loaded. __ Jeremy Weiland Systems Engineer ALTERthought 4449 Cox Road Glen Allen, VA 23060 (804) 934 - 0300 www.alterthought.com -Original Message- From: Gary W. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, July 14, 2005 12:59 PM To: users@httpd.apache.org Subject: RE: [EMAIL PROTECTED] LDAP Authorization with Active Directory With the exception of changing the user, domain name and password, this was cut from a working ldap congfiguration. Note the [EMAIL PROTECTED] I could never get the full DN to work properly. This works like a charm. Also, I use forestdnszones as the ldap server as it will pickup any domain controller on the local site. There are 14 in total. If one goes down it will just bind to the next. AuthLDAPAuthoritative on AuthLDAPEnabled on AuthName "My Secure Access" AuthType Basic AuthLDAPBindDN [EMAIL PROTECTED] AuthLDAPBindPassword somepassword AuthLDAPUrl ldap://forestdnszones.yourdomain.com:389/ou=Users,dc=yourdomain,dc=com?s amAccountName?sub?(objectClass=*) require valid-user > -Original Message- > From: Jeremy Weiland [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 14, 2005 9:50 AM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] LDAP Authorization with Active Directory > > Hi, > > I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based > on > Active Directory settings. I've got an LDAP browser on my computer and > can > connect to the Win2k3 server perfectly, but for some reason when I > authenticate over the website it brings Apache down with an error in > wldap32.dll. I have NO idea what's going on - any clue? > > Say the word and I'll provide more details. Here's my directory settings > in > httpd.conf: > > > Options All ExecCGI -Indexes > Order allow,deny > Allow from all > > AuthLDAPAuthoritative on > > AuthType Basic > > AuthName "Restricted Area" > > AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com > > AuthLDAPBindPassword xx > > #tried the both the string below and the one below that > # AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=*) > AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=User) > > require valid-user > > > Thanks - I'm kind of a newbie to Apache but I just got thrown into this, > and > I've been scouring the web like crazy for tips. Posting here is a last > resort, and I do appreciate the help. > __ > > Jeremy Weiland > Systems Engineer > > ALTERthought > 4449 Cox Road > Glen Allen, VA 23060 > > www.alterthought.com > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: [users@httpd] LDAP Authorization with Active Directory
With the exception of changing the user, domain name and password, this was cut from a working ldap congfiguration. Note the [EMAIL PROTECTED] I could never get the full DN to work properly. This works like a charm. Also, I use forestdnszones as the ldap server as it will pickup any domain controller on the local site. There are 14 in total. If one goes down it will just bind to the next. AuthLDAPAuthoritative on AuthLDAPEnabled on AuthName "My Secure Access" AuthType Basic AuthLDAPBindDN [EMAIL PROTECTED] AuthLDAPBindPassword somepassword AuthLDAPUrl ldap://forestdnszones.yourdomain.com:389/ou=Users,dc=yourdomain,dc=com?s amAccountName?sub?(objectClass=*) require valid-user > -Original Message- > From: Jeremy Weiland [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 14, 2005 9:50 AM > To: users@httpd.apache.org > Subject: [EMAIL PROTECTED] LDAP Authorization with Active Directory > > Hi, > > I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based > on > Active Directory settings. I've got an LDAP browser on my computer and > can > connect to the Win2k3 server perfectly, but for some reason when I > authenticate over the website it brings Apache down with an error in > wldap32.dll. I have NO idea what's going on - any clue? > > Say the word and I'll provide more details. Here's my directory settings > in > httpd.conf: > > > Options All ExecCGI -Indexes > Order allow,deny > Allow from all > > AuthLDAPAuthoritative on > > AuthType Basic > > AuthName "Restricted Area" > > AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com > > AuthLDAPBindPassword xx > > #tried the both the string below and the one below that > # AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=*) > AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=User) > > require valid-user > > > Thanks - I'm kind of a newbie to Apache but I just got thrown into this, > and > I've been scouring the web like crazy for tips. Posting here is a last > resort, and I do appreciate the help. > __ > > Jeremy Weiland > Systems Engineer > > ALTERthought > 4449 Cox Road > Glen Allen, VA 23060 > > www.alterthought.com > > > - > The official User-To-User support forum of the Apache HTTP Server Project. > See http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] >" from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[users@httpd] LDAP Authorization with Active Directory
Hi, I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based on Active Directory settings. I've got an LDAP browser on my computer and can connect to the Win2k3 server perfectly, but for some reason when I authenticate over the website it brings Apache down with an error in wldap32.dll. I have NO idea what's going on - any clue? Say the word and I'll provide more details. Here's my directory settings in httpd.conf: Options All ExecCGI -Indexes Order allow,deny Allow from all AuthLDAPAuthoritative on AuthType Basic AuthName "Restricted Area" AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com AuthLDAPBindPassword xx #tried the both the string below and the one below that # AuthLDAPURL ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(object Class=*) AuthLDAPURL ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(object Class=User) require valid-user Thanks - I'm kind of a newbie to Apache but I just got thrown into this, and I've been scouring the web like crazy for tips. Posting here is a last resort, and I do appreciate the help. __ Jeremy Weiland Systems Engineer ALTERthought 4449 Cox Road Glen Allen, VA 23060 www.alterthought.com - The official User-To-User support forum of the Apache HTTP Server Project. See http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
