Ok so here is some progress i manually added my user name and password in /etc/dirsrv/admin-serv/admpw using the htpassword command if i put cn=<username> I get ldap error 32: No such object in the admin server error log but if i just put my username in it finds the entry and i get a different error ldap error 48: Inappropriate authentication this is making me wonder if saslauthd may help On Wed, Mar 11, 2015 at 2:34 PM, Paul Robert Marino <prmarino1@xxxxxxxxx> wrote: > I know it will probably be a little more complex than that but I think > it logically should be one of the steps. > although it doesn't explain how "cn=Directory Manager" works > but it makes a lot of sense when you see the 401 error from the login > attempt it comes from the directory specified by > " > <Location /admin-serv/authenticate> > SetHandler user-auth > AuthUserFile /etc/dirsrv/admin-serv/admpw > AuthType basic > AuthName "Admin Server" > Require valid-user > Order allow,deny > Allow from all > </Location> > " > in /etc/dirsrv/admin-serv/admserv.conf > > > > > On Wed, Mar 11, 2015 at 2:13 PM, Rich Megginson <rmeggins@xxxxxxxxxx> wrote: >> On 03/11/2015 11:54 AM, Paul Robert Marino wrote: >>> >>> Hey every one >>> I have a question I know at least once in the past i setup the admin >>> console so it could utilize Kerberos passwords based on a howto I >>> found once which after I changed jobs I could never find again. >>> >>> today I was looking for something else and I saw a mention on the site >>> about httpd needing to be compiled with http auth support. >>> well I did a little digging and I found this file >>> /etc/dirsrv/admin-serv/admserv.conf >>> >>> in that file I found a lot of entries that look like this >>> " >>> <LocationMatch /*/[tT]asks/[Cc]onfiguration/*> >>> AuthUserFile /etc/dirsrv/admin-serv/admpw >>> AuthType basic >>> AuthName "Admin Server" >>> Require valid-user >>> AdminSDK on >>> ADMCgiBinDir /usr/lib64/dirsrv/cgi-bin >>> NESCompatEnv on >>> Options +ExecCGI >>> Order allow,deny >>> Allow from all >>> </LocationMatch> >>> >>> " >>> when I checked /etc/dirsrv/admin-serv/admpw sure enough I found the >>> Password hash for the admin user. >>> >>> So my question is before I wast time experimenting could it possibly >>> be as simple as changing the auth type to kerberos >>> http://modauthkerb.sourceforge.net/configure.html >> >> >> I don't know. I don't think anyone has ever tried it. >> >>> keep in mind my Kerberos Servers do not use LDAP as the backend. >>> -- >>> 389 users mailing list >>> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >>> https://admin.fedoraproject.org/mailman/listinfo/389-users >> >> >> -- >> 389 users mailing list >> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
