> So what happend to the proxy? You're securing a directory... Well, I decided to check things step by step. It was rather a good idea, since even authenticate a single directory does not work !
> Other than that I'd make sure an openldap command line client > (e.g. ldapsearch binding with the DN given in AuthLDAPBindDN) is able > to connect from your webserver to your DSA (that assumes you have > shell access to the webserver, of course). I did this at first. I believe it works, since I'm able to retrieve information that concerns me. I don't need to authenticate myself on the OpenLDAP server to get most information. But I need to do so if I want to retrieve, for example, the hash of my password. To be honest, I essentially know nothing about LDAP. I believed that RTFM would be sufficient... > If you capture traffic from the webserver to the DSA you could also > feed the capture file to wireshark (or something similar). Looking in > the DSAs logfile is a bit easier (which assumes you have access to the > logs, of course). The web server is under my control, the LDAP server is not. Thus I certainly can do a pcap capture (ngrep/tshark) and view it with WireShark... > From your config I take it that the DSA does not require > confidentiality (no STARTTLS or -- deprecated -- LDAPS)? Well, the server can undoubtly support SSL/TLS connections, but my ldapsearch command is straightforward, on port 389, without any refinement... I wrote in a quick and dirty manner a small Python script which is able to authenticate an user against the LDAP server. I really don't understand why Apache can't ! Is there a possible issue on the LDAP server side ? Regards, Al --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
