error.log states:[Thu Jan 09 10:22:36 2014] [warn] [client 10.9.2.49] [18090] auth_ldap authenticate: user user1 authentication failed; URI /index.php [User not found][No such object]At this point the ldap server was offline. Of course, that user only resides locally in the AuthUserFile.
---
Rob Yamry | Network Engineer | Kimberly Area School District | Phone: 920.788.7900 x 4158 | Direct: 920.423.4158 | ryamry@xxxxxxxxxxxxxxxxxxOn Thu, Jan 9, 2014 at 11:33 AM, Eric Covener <covener@xxxxxxxxx> wrote:logs?On Thu, Jan 9, 2014 at 12:28 PM, Rob Yamry <ryamry@xxxxxxxxxxxxxxxxxx> wrote:
> Hello-
> Im having a problem where local authentication will not work when when the
> configured LDAP server is unavailble. When the ldap server is online I can
> authenticate fine against ldap and local file. However, when the ldap
> server is offline, I cannot authenticate with the user1 account.
>
> Id appreciate any help you could provide. Ive searched a lot on this and
> found many examples, all very similar to my config below, but I still cannot
> failback authentication to local file when ldap is unavailable. Im running
> Apache/2.2.10
>
> AuthName "Server Access"
> AuthType Basic
> # Check ldap auth first, then file auth
> AuthBasicProvider file ldap
> AuthUserFile /etc/apache2/htpasswd
> AuthzLDAPAuthoritative off
> AuthLDAPURL
> ldap://ldap.domain.com:389/OU=Users,DC=domain,DC=com?sAMAccountName
> AuthLDAPBindDN "domain\ldap_user"
> AuthLDAPBindPassword password
> AuthLDAPGroupAttributeIsDN off
>
really 2.2.10 or w/ patches?
is it authentication or authorization that fails?
> Require user user1
> Require ldap-attribute memberOf=CN=groupName,DC=domain,DC=com
>
--
Eric Covener
covener@xxxxxxxxx
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|