Hi again,
I changed the ldapurl and the logs changed to:
[Fri Oct 26 09:58:11 2007] [debug]
mod_authnz_ldap.c(376): [client 172.21.194.71] [13900]
auth_ldap authenticate: using URL
ldap://iceman/ou=users,dc=uk,dc=siroe,dc=com?sAMAccountName?sub?
[Fri Oct 26 09:58:11 2007] [debug]
PROTECTED]
Sent: Friday, October 26, 2007 3:07 AM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] apache 2.2.4 and AD: authentication failed.
Hi again,
I changed the ldapurl and the logs changed to:
[Fri Oct 26 09:58:11 2007] [debug]
mod_authnz_ldap.c(376): [client 172.21.194.71] [13900
On 10/26/07, Stusynski, Dan [EMAIL PROTECTED] wrote:
Looks like you can't acccess the resource.
authnz_ldap + require valid-user doesn't work as expected in 2.2.4,
try AuthZLDAPAuthoritative off
--
Eric Covener
[EMAIL PROTECTED]
I tried AuthZLDAPAuthoritative off and indeed it
worked...now...what is the impact of disabling
AuthZLDAPAuthoritative??
thanks bunches...
--- Eric Covener [EMAIL PROTECTED] wrote:
On 10/26/07, Stusynski, Dan [EMAIL PROTECTED]
wrote:
Looks like you can't acccess the resource.
authnz_ldap
ldap-user is not viable...I will have to add all users
by hand... Any other alternative?
also, AuthLDAPBindPassword is written in clear text in
the file...Any other alternative?
Many thanks!
--- Tom Hart [EMAIL PROTECTED] wrote:
authzldapauthoritative sets it such that ldap is the
only
authzldapauthoritative sets it such that ldap is the only authentication
that can be used. However valid-user is not seen as an ldap
authentication (try ldap-user, etc.), so it needs to be able to fall
back on basic authentication even though it is using the ldap setup to
validate.
Basically
On 10/26/07, Melanie Pfefer [EMAIL PROTECTED] wrote:
I tried AuthZLDAPAuthoritative off and indeed it
worked...now...what is the impact of disabling
AuthZLDAPAuthoritative??
Probably no harm, either some other module down the line will be able
to understand a least 1 'require' (in your case,
I'm not sure that you really need an alternative. using the setup you
have now should work fine, with authoritative off, and using valid-user.
I have that same exact setup running on our corporate intranet, and it's
been working fine.
Also, I do not know of an alternative for having the
thanks!
--- Tom Hart [EMAIL PROTECTED] wrote:
I'm not sure that you really need an alternative.
using the setup you
have now should work fine, with authoritative off,
and using valid-user.
I have that same exact setup running on our
corporate intranet, and it's
been working fine.
The browser returns Internal server error
The log file returns this error
[Thu Oct 25 21:21:36 2007] [debug]
mod_authnz_ldap.c(376): [client 172.21.194.71] [14657]
auth_ldap authenticate: using URL
ldap://iceman/ou=users,dc=uk,dc=siroe,dc=com?sAMAccountName?
[Thu Oct 25 21:21:36 2007] [warn]
On 10/25/07, Melanie Pfefer [EMAIL PROTECTED] wrote:
The browser returns Internal server error
The log file returns this error
[Thu Oct 25 21:21:36 2007] [debug]
mod_authnz_ldap.c(376): [client 172.21.194.71] [14657]
auth_ldap authenticate: using URL
thanks Eric. No I need to bind to ldap:
ldapsearch -D uk.siroe.com\mpfefer -w password -h
iceman -b ou=users,dc=uk,dc=siroe,dc=com
objectclass=*
so I changed this:
AuthLDAPUrl
ldap://iceman/ou=users,dc=uk,dc=siroe,dc=com?sub?
AuthLDAPBindDN uk-siroe-com\mpfefer
AuthLDAPBindPassword password
12 matches
Mail list logo
