Authentication Apache in Active Directory 2003 - Slackware
This is a discussion on Authentication Apache in Active Directory 2003 - Slackware ; I am trying to configure the Apache authentication in Active Directory
2003, but when you log, the following error occurs:
[Wed Aug 13 15:48:20 2008] [warn] [client 192.168.0.65] [15464]
auth_ldap authenticate: user svnteste authentication failed; URI /
[ldap_search_ext_s() for user ...
-
Authentication Apache in Active Directory 2003
I am trying to configure the Apache authentication in Active Directory
2003, but when you log, the following error occurs:
[Wed Aug 13 15:48:20 2008] [warn] [client 192.168.0.65] [15464]
auth_ldap authenticate: user svnteste authentication failed; URI /
[ldap_search_ext_s() for user failed][No such object]
My httpd.conf is
AuthBasicProvider ldap
AuthType basic
AuthzLDAPAuthoritative Off
AuthName "SVN"
AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?
sAMAccountName?sub?(objectCla
ss=person)"
AuthLDAPBindPassword 123456
Require valid-user
AuthLDAPBindDN "apache@company.com"
Someone has some idea of how to solve this problem?
Thanks.
-
Re: Authentication Apache in Active Directory 2003
brusso wrote:
>
> AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?
>
Off the top of my head, isn't "Users" a built-in container object and
not an OU? Have you tried "cn=Users"?
-
Re: Authentication Apache in Active Directory 2003
On Aug 13, 6:30 pm, KR
wrote:
> brusso wrote:
>
> > AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?
>
> Off the top of my head, isn't "Users" a built-in container object and
> not an OU? Have you tried "cn=Users"?
Ok, I tried with this option, but the error continues.
Changed the setting to the next,
AuthBasicProvider ldap
AuthType Basic
AuthzLDAPAuthoritative On
Require valid-user
AuthName "SVN"
AuthLDAPURL ldap://192.168.0.1:389/DC=company,DC=com?sAMAccountName?sub?(objectClass= *)
NONE
AuthLDAPBindDN "cn=apache,cn=users,dc=company,dc=com"
AuthLDAPBindPassword apach
But the error now is this
[Wed Aug 13 19:04:58 2008] [warn] [client 192.168.0.65] [16455]
auth_ldap authenticate: user svnteste authentication failed; URI /
[LDAP: ldap_simple_bind_s() failed][Invalid credentials]
[Wed Aug 13 19:04:58 2008] [error] [client 192.168.0.65] user
svnteste: authentication failure for "/": Password Mismatch
Someone has some idea of how to solve this problem?
Thanks.
-
Re: Authentication Apache in Active Directory 2003
brusso wrote:
> On Aug 13, 6:30 pm, KR
> wrote:
>> brusso wrote:
>>
>> > AuthLDAPURL "ldap://192.168.0.1:389/ou=Users,DC=company,DC=com?
>>
>> Off the top of my head, isn't "Users" a built-in container object and
>> not an OU? Have you tried "cn=Users"?
>
> Ok, I tried with this option, but the error continues.
>
> Changed the setting to the next,
>
> AuthBasicProvider ldap
> AuthType Basic
> AuthzLDAPAuthoritative On
> Require valid-user
> AuthName "SVN"
> AuthLDAPURL
> ldap://192.168.0.1:389/DC=company,DC=com?sAMAccountName?sub
(objectClass=*)
> NONE
> AuthLDAPBindDN "cn=apache,cn=users,dc=company,dc=com"
> AuthLDAPBindPassword apach
>
> But the error now is this
>
> [Wed Aug 13 19:04:58 2008] [warn] [client 192.168.0.65] [16455]
> auth_ldap authenticate: user svnteste authentication failed; URI /
> [LDAP: ldap_simple_bind_s() failed][Invalid credentials]
> [Wed Aug 13 19:04:58 2008] [error] [client 192.168.0.65] user
> svnteste: authentication failure for "/": Password Mismatch
>
> Someone has some idea of how to solve this problem?
>
> Thanks.
If you want SSO the way IIS does, try http://modauthkerb.sourceforge.net/
I've been using it for years.
Andy
