LDAP connection failure: what does "not authoritative" mean?

I'm trying to do basic authentication via LDAP to Active Directory.
HTTPD logs this:

[Mon Nov 25 16:02:47.362939 2024] [authnz_ldap:debug] [pid 6205:tid 6205] mod_authnz_ldap.c(548): [client 2600:381:cb60:bf0:c6bb:b64d:24e:24da:46526] AH01691: auth_ldap authenticate: using URL ldap://ads.iu.edu/ou=Accounts,DC=ads,DC=iu,DC=edu?CN?one
[Mon Nov 25 16:02:47.381431 2024] [authnz_ldap:debug] [pid 6205:tid 6205] mod_authnz_ldap.c(569): [client 2600:381:cb60:bf0:c6bb:b64d:24e:24da:46526] AH01694: auth_ldap authenticate: user mwood authentication failed; URI /nagios/ [LDAP: ldap_start_tls_s() failed][Connect error] (not authoritative)
[Mon Nov 25 16:02:47.381449 2024] [auth_basic:error] [pid 6205:tid 6205] [client 2600:381:cb60:bf0:c6bb:b64d:24e:24da:46526] AH01618: user mwood not found: /nagios/

I don't know what it doesn't like about the connection.  The server's
certificate checks out.  I've got LDAPTrustedGlobalCert set:

More configuration:

  LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/certs/ca-certificates.crt

  AuthType basic
  AuthBasicProvider ldap
  AuthName "ADS"

  AuthLDAPURL "ldap://ads.iu.edu/ou=Accounts,DC=ads,DC=iu,DC=edu?CN?one" STARTTLS
  AuthLDAPBindDN "CN={omitted},OU=Accounts,DC=ads,DC=iu,DC=edu"
  AuthLDAPBindPassword "{omitted}"
  AuthLDAPBindAuthoritative Off
  AuthLDAPGroupAttribute  member
  AuthLDAPRemoteUserAttribute CN

  <RequireAll>
    Require ldap-group CN=IN-ULib-Admins,OU=IN-ADMINS,OU=IN,DC=ads,DC=iu,DC=edu
    <RequireAny>
      {a list of "Require ip"s}
    </RequireAny>
  </RequireAll>

What have I missed?

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
library.indianapolis.iu.edu
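
Added example, not part of the original message and not httpd's own code: a small triage script for the two log lines quoted in the post, which pairs the AH01694 failure with the AH01618 "not found" line that follows it for the same user and URI. Reading the bracketed fields as [module reason][LDAP error string], and the "(not authoritative)" suffix as the effect of AuthLDAPBindAuthoritative Off, are assumptions of this example; the function and field names are hypothetical.

```python
import re

# The AH01694 and AH01618 lines from the post above, copied verbatim.
SAMPLE_LOG = [
    "[Mon Nov 25 16:02:47.381431 2024] [authnz_ldap:debug] [pid 6205:tid 6205] mod_authnz_ldap.c(569): [client 2600:381:cb60:bf0:c6bb:b64d:24e:24da:46526] AH01694: auth_ldap authenticate: user mwood authentication failed; URI /nagios/ [LDAP: ldap_start_tls_s() failed][Connect error] (not authoritative)",
    "[Mon Nov 25 16:02:47.381449 2024] [auth_basic:error] [pid 6205:tid 6205] [client 2600:381:cb60:bf0:c6bb:b64d:24e:24da:46526] AH01618: user mwood not found: /nagios/",
]

AUTH_FAIL = re.compile(
    r"(?P<code>AH\d{5}): auth_ldap authenticate: user (?P<user>\S+) "
    r"authentication failed; URI (?P<uri>\S+) "
    r"\[(?P<reason>[^\]]*)\]\[(?P<ldap_err>[^\]]*)\]"
    r"(?P<fallthrough> \(not authoritative\))?"
)
NOT_FOUND = re.compile(r"AH01618: user (?P<user>\S+) not found: (?P<uri>\S+)")


def triage(lines):
    """Return one finding per LDAP auth failure, paired with any follow-on
    auth_basic 'not found' line for the same user and URI."""
    findings, pending = [], {}
    for line in lines:
        m = AUTH_FAIL.search(line)
        if m:
            f = {
                "user": m["user"], "uri": m["uri"],
                "reason": m["reason"], "ldap_error": m["ldap_err"],
                # Assumption: the reason names the LDAP client call that failed.
                "stage": "starttls" if "start_tls" in m["reason"] else "other",
                "fell_through": m["fallthrough"] is not None,
                "masked_as_not_found": False,
            }
            findings.append(f)
            pending[(f["user"], f["uri"])] = f
            continue
        m = NOT_FOUND.search(line)
        if m:
            f = pending.pop((m["user"], m["uri"]), None)
            if f and f["fell_through"]:
                # "not found" here reports the fall-through, not a directory miss.
                f["masked_as_not_found"] = True
    return findings


def failed_before_bind(finding):
    # StartTLS is negotiated before any search or bind request is sent.
    return finding["stage"] == "starttls"


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding, "failed_before_bind =", failed_before_bind(finding))
```
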
