I am trying to integrate httpd with LDAP (Active Directory) but I am running into some trouble: every time I try to log in, here is what I see:

[Tue Jul 05 09:23:50.471383 2016] [ssl:debug] [pid 35839:tid 139644016523008] ssl_engine_kernel.c(2101): [client 10.204.1.1:51637] AH02043: SSL virtual host for servername apachehost.my.com found
[Tue Jul 05 09:23:50.487945 2016] [ssl:debug] [pid 35839:tid 139644016523008] ssl_engine_kernel.c(2028): [client 10.204.1.1:51637] AH02041: Protocol: TLSv1.2, Cipher: ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
[Tue Jul 05 09:23:50.488842 2016] [ssl:debug] [pid 35839:tid 139644016523008] ssl_engine_kernel.c(366): [client 10.204.1.1:51637] AH02034: Initial (No.1) HTTPS request received for child 66 (server apachehost.my.com:443)
[Tue Jul 05 09:23:50.488887 2016] [authz_core:debug] [pid 35839:tid 139644016523008] mod_authz_core.c(809): [client 10.204.1.1:51637] AH01626: authorization result of Require valid-user : denied (no authenticated user yet)
[Tue Jul 05 09:23:50.488899 2016] [authz_core:debug] [pid 35839:tid 139644016523008] mod_authz_core.c(809): [client 10.204.1.1:51637] AH01626: authorization result of Require ldap-group "CN=Architecture Team,OU=Groups,OU=Core,DC=my,DC=com": denied (no authenticated user yet)
[Tue Jul 05 09:23:50.488903 2016] [authz_core:debug] [pid 35839:tid 139644016523008] mod_authz_core.c(809): [client 10.204.1.1:51637] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet)
[Tue Jul 05 09:23:50.546246 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1790): AH00925: initializing worker http://appserver.my.com:8500/ shared
[Tue Jul 05 09:23:50.546308 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1832): AH00927: initializing worker http://appserver.my.com:8500/ local
[Tue Jul 05 09:23:50.546358 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1867): AH00930: initialized pool in child 53629 for (appserver.my.com) min=0 max=25 smax=25
[Tue Jul 05 09:23:50.546381 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1790): AH00925: initializing worker proxy:reverse shared
[Tue Jul 05 09:23:50.546384 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1832): AH00927: initializing worker proxy:reverse local
[Tue Jul 05 09:23:50.546396 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1867): AH00930: initialized pool in child 53629 for (*) min=0 max=25 smax=25
[Tue Jul 05 09:23:50.546415 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1785): AH00924: worker http://appserver.my.com:8500/ shared already initialized
[Tue Jul 05 09:23:50.546425 2016] [proxy:debug] [pid 53629:tid 139644279056192] proxy_util.c(1827): AH00926: worker http://appserver.my.com:8500/ local already initialized
[Tue Jul 05 09:23:50.546624 2016] [mpm_event:debug] [pid 53629:tid 139644108920576] event.c(2096): AH02471: start_threads: Using epoll
[Tue Jul 05 09:23:50.587187 2016] [authnz_ldap:info] [pid 35839:tid 139644016523008] [client 10.204.1.1:51637] AH01695: auth_ldap authenticate: user testuser authentication failed; URI /ui [User not found][No such object]
[Tue Jul 05 09:23:50.587224 2016] [auth_basic:error] [pid 35839:tid 139644016523008] [client 10.204.1.1:51637] AH01618: user testuser not found: /ui
[Tue Jul 05 09:23:55.577658 2016] [ssl:debug] [pid 35839:tid 139643823490816] ssl_engine_io.c(1033): [remote 10.204.1.1:51637] AH02001: Connection closed to child 66 with standard shutdown (server apachehost.my.com:443)

LDAPTrustedGlobalCert CA_BASE64 /usr/local/apache2/conf/certs/ldapCert.pem
LDAPVerifyServerCert Off
<Location />
    AuthType Basic
    AuthLDAPBindDN "CN=ldap,OU=acct,DC=my,DC=com"
    AuthLDAPBindPassword ******
    AuthBasicProvider ldap
    AuthName "LDAP - login"
    Require valid-user
    Require ldap-group "CN=Architecture Team,OU=Groups,OU=Core,DC=my,DC=com"
    AuthLDAPRemoteUserAttribute uid
    #RewriteEngine On
    #RewriteCond %{LA-U:REMOTE_USER} (.+)
    #RewriteRule .* - [E=RU:%1]
    #RequestHeader set REMOTE_USER %{RU}e
</Location>