Authentication Apache in Active Directory 2003 - Slackware

This is a discussion on Authentication Apache in Active Directory 2003 - Slackware ; I am trying to configure the Apache authentication in Active Directory 2003, but when you log, the following error occurs: [Wed Aug 13 15:48:20 2008] [warn] [client 192.168.0.65] [15464] auth_ldap authenticate: user svnteste authentication failed; URI / [ldap_search_ext_s() for user ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Authentication Apache in Active Directory 2003

  1. Authentication Apache in Active Directory 2003

    I am trying to configure the Apache authentication in Active Directory
    2003, but when you log, the following error occurs:

    [Wed Aug 13 15:48:20 2008] [warn] [client 192.168.0.65] [15464]
    auth_ldap authenticate: user svnteste authentication failed; URI /
    [ldap_search_ext_s() for user failed][No such object]

    My httpd.conf is


    AuthBasicProvider ldap
    AuthType basic
    AuthzLDAPAuthoritative Off
    AuthName "SVN"
    AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?
    sAMAccountName?sub?(objectCla
    ss=person)"
    AuthLDAPBindPassword 123456
    Require valid-user
    AuthLDAPBindDN "apache@company.com"


    Someone has some idea of how to solve this problem?

    Thanks.

  2. Re: Authentication Apache in Active Directory 2003

    brusso wrote:
    >
    > AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?
    >


    Off the top of my head, isn't "Users" a built-in container object and
    not an OU? Have you tried "cn=Users"?

  3. Re: Authentication Apache in Active Directory 2003

    On Aug 13, 6:30 pm, KR
    wrote:
    > brusso wrote:
    >
    > > AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?

    >
    > Off the top of my head, isn't "Users" a built-in container object and
    > not an OU? Have you tried "cn=Users"?


    Ok, I tried with this option, but the error continues.

    Changed the setting to the next,

    AuthBasicProvider ldap
    AuthType Basic
    AuthzLDAPAuthoritative On
    Require valid-user
    AuthName "SVN"
    AuthLDAPURL ldap://192.168.0.1:389/DC=company,DC=com?sAMAccountName?sub?(objectClass= *)
    NONE
    AuthLDAPBindDN "cn=apache,cn=users,dc=company,dc=com"
    AuthLDAPBindPassword apach

    But the error now is this

    [Wed Aug 13 19:04:58 2008] [warn] [client 192.168.0.65] [16455]
    auth_ldap authenticate: user svnteste authentication failed; URI /
    [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
    [Wed Aug 13 19:04:58 2008] [error] [client 192.168.0.65] user
    svnteste: authentication failure for "/": Password Mismatch

    Someone has some idea of how to solve this problem?

    Thanks.

  4. Re: Authentication Apache in Active Directory 2003

    brusso wrote:

    > On Aug 13, 6:30 pm, KR
    > wrote:
    >> brusso wrote:
    >>
    >> > AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?

    >>
    >> Off the top of my head, isn't "Users" a built-in container object and
    >> not an OU? Have you tried "cn=Users"?

    >
    > Ok, I tried with this option, but the error continues.
    >
    > Changed the setting to the next,
    >
    > AuthBasicProvider ldap
    > AuthType Basic
    > AuthzLDAPAuthoritative On
    > Require valid-user
    > AuthName "SVN"
    > AuthLDAPURL
    > ldap://192.168.0.1:389/DC=company,DC=com?sAMAccountName?sub

    (objectClass=*)
    > NONE
    > AuthLDAPBindDN "cn=apache,cn=users,dc=company,dc=com"
    > AuthLDAPBindPassword apach
    >
    > But the error now is this
    >
    > [Wed Aug 13 19:04:58 2008] [warn] [client 192.168.0.65] [16455]
    > auth_ldap authenticate: user svnteste authentication failed; URI /
    > [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
    > [Wed Aug 13 19:04:58 2008] [error] [client 192.168.0.65] user
    > svnteste: authentication failure for "/": Password Mismatch
    >
    > Someone has some idea of how to solve this problem?
    >
    > Thanks.


    If you want SSO the way IIS does, try http://modauthkerb.sourceforge.net/

    I've been using it for years.

    Andy

+ Reply to Thread