With the exception of changing the user, domain name and password, this was cut from a working ldap congfiguration. Note the validlogin@xxxxxxxxxxxxxxx I could never get the full DN to work properly. This works like a charm. Also, I use forestdnszones as the ldap server as it will pickup any domain controller on the local site. There are 14 in total. If one goes down it will just bind to the next. <Location /securedir> AuthLDAPAuthoritative on AuthLDAPEnabled on AuthName "My Secure Access" AuthType Basic AuthLDAPBindDN validlogin@xxxxxxxxxxxxxx AuthLDAPBindPassword somepassword AuthLDAPUrl ldap://forestdnszones.yourdomain.com:389/ou=Users,dc=yourdomain,dc=com?s amAccountName?sub?(objectClass=*) require valid-user </Location> > -----Original Message----- > From: Jeremy Weiland [mailto:jweiland@xxxxxxxxxxxxxxxx] > Sent: Thursday, July 14, 2005 9:50 AM > To: users@xxxxxxxxxxxxxxxx > Subject: [users@httpd] LDAP Authorization with Active Directory > > Hi, > > I'm trying to get Apache 2 to authenticate users with mod_auth_ldap based > on > Active Directory settings. I've got an LDAP browser on my computer and > can > connect to the Win2k3 server perfectly, but for some reason when I > authenticate over the website it brings Apache down with an error in > wldap32.dll. I have NO idea what's going on - any clue? > > Say the word and I'll provide more details. Here's my directory settings > in > httpd.conf: > > <Directory /> > Options All ExecCGI -Indexes > Order allow,deny > Allow from all > > AuthLDAPAuthoritative on > > AuthType Basic > > AuthName "Restricted Area" > > AuthLDAPBindDN cn=Administrator,cn=Users,dc=alterthought,dc=com > > AuthLDAPBindPassword xxxxxx > > #tried the both the string below and the one below that > # AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=*) > AuthLDAPURL > ldap://vulcan:389/cn=Users,dc=alterthought,dc=com?sAMAccountName?sub?(ob je > ct > Class=User) > > require valid-user > </Directory> > > Thanks - I'm kind of a newbie to Apache but I just got thrown into this, > and > I've been scouring the web like crazy for tips. Posting here is a last > resort, and I do appreciate the help. > ______________________________ > > Jeremy Weiland > Systems Engineer > > ALTERthought > 4449 Cox Road > Glen Allen, VA 23060 > > www.alterthought.com > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx