RE: [users@httpd] [SPAM] RE: [users@httpd] mod_auth_ldap

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I'm glad for you. On a later stadium I wan't to try to work with
websites over SSL as well but that's for later ;-).

I was already putting the line  
LoadModule ldap_auth_module modules/mod_auth_ldap.so
in my httpd.conf file (it was not already put in with comments).

But when I looked at your link
http://httpd.apache.org/docs/2.0/platform/windows.html#cust (I have
version 2.0.54)
I've read that you can find additional error logs in your windows event
viewer.

This makes it a lot more interesting. When I try to load the module .so
(which was in my folder modules by installation) I recieve this error
messages:

1) Cant locate API module structure ldap_auth_module in file C://Program
Files/../modules/mod_auth_ldap.so
2) Syntax error on line 145 (which is the line where the LoadModule
staat

Next i did the test with a dll file ldap_auth_module which I found on
the internet http://www.muquit.com/. I had put this file also in the
folder modules here I get only this message:

1) service terminated with server specific error 1


And on this point I think I'm getting very confused cause error 1 means:
"port 80 already in use" 

Can you get anything out of this?

Greetings

Pamela



-----Oorspronkelijk bericht-----
Van: Andrew Musselman [mailto:Andrew@xxxxxxx] 
Verzonden: dinsdag 23 augustus 2005 17:40
Aan: users@xxxxxxxxxxxxxxxx; Pamela Kalle
Onderwerp: [users@httpd] [SPAM] RE: [users@httpd] mod_auth_ldap

Hi Pamela,

I finally got things working.  My co-worker helped me find the problem:
 in apache log we found these messages while restarting apache:

[Mon Aug 22 12:31:43 2005] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Mon Aug 22 12:31:43 2005] [crit] LDAP: Invalid LDAPTrustedCAType
directive - BASE64_FILE type required [Mon Aug 22 12:31:43 2005] [warn]
LDAP: SSL initialization failed [Mon Aug 22 12:31:43 2005] [notice]
LDAP: SSL support unavailable

I was using the wrong type of CA file, and when I put in the right one
everything worked.

The FreeBSD stuff probably won't help you get things going on Windows. 
When you say:
"So I've tried to install the option in the config file like this:

	ldap_auth_module modules/mod_auth_ldap.so

And I've tried it like this:

	ldap_auth_module D:/apache_files/mod_auth_ldap.so"

Have you opened your httpd.conf file and had a look?  Here's a link: 
http://httpd.apache.org/docs/1.3/windows.html#use 

If you find a bunch of lines that start with "LoadModule", that's where
you might want to try putting in the line (or uncommenting it if it's
there):

LoadModule ldap_auth_module libexec/apache2/mod_auth_ldap.so

Then don't forget to restart apache..

Have fun!

Andrew

Andrew Musselman
andrew@xxxxxxx

>>> pamela.kalle@xxxxxxxxx 8/23/2005 1:45 AM >>>

Hi Andrew,

Is it possible that your problem has something to do with the port
number?
Normally when you use a not-SSL connection you use port 389 and for a
SSL connection you use 636.

I don't know very good what you mean with:

I got mine working on FreeBSD by using the ports tree, after renaming
and removing httpd.conf, by going into the apache2 directory and
doing:
make clean
make WITH_PROXY_MODULES=yes WITH_LDAP_MODULES=yes WITH_SSL_MODULES=yes

I've tried to do this via de cmd on the directory Apache2 and on the
directory Apache/BIN but it didn't work (make is not a recognised
command)but maybe this is because I'm working with Windows...


Thank you for the answer

Greetings


Pamela



-----Oorspronkelijk bericht-----
Van: Andrew Musselman [mailto:Andrew@xxxxxxx]
Verzonden: maandag 22 augustus 2005 17:54
Aan: users@xxxxxxxxxxxxxxxx
Onderwerp: Re: [users@httpd] mod_auth_ldap

Hi Pamela,

On this page:
http://httpd.apache.org/docs/1.3/windows.html
The directions say you can load a module by adding a line to your
httpd.conf:
LoadModule ldap_auth_module libexec/apache2/mod_auth_ldap.so

I got mine working on FreeBSD by using the ports tree, after renaming
and removing httpd.conf, by going into the apache2 directory and
doing:
make clean
make WITH_PROXY_MODULES=yes WITH_LDAP_MODULES=yes WITH_SSL_MODULES=yes

Then checking which lines the new install put in and copying them into
my old httpd.conf.

That may not help your situation, I don't know.

In my case, I'm getting these two errors in my log file when I try to
access a protected directory.  Here are the lines in the .htaccess file
protecting the directory:

AuthLDAPEnabled on
AuthType Basic
AuthLDAPURL ldap://my.ldap.server:636/o=CWU?uid
require valid-user

Here is the error I get using ldap://  "[LDAP: ldap_simple_bind_s()
failed][Can't contact LDAP server]"

Here is the error I get using ldaps://  "[LDAP: ssl connections not
supported][Can't contact LDAP server]"

Has anyone encountered these errors and know how to solve them?

Thank you,
Andrew

Andrew Musselman
andrew@xxxxxxx 

>>> pamela.kalle@xxxxxxxxx 8/22/2005 12:38 AM >>>

Hi

I'm also trying to use the mod_auth_ldap, but I'm having troubles as
well.
Maybe my experience can help you as well, and maybe someone else can
help us both.

I'm working on a Windows 2000 server. I installed the apache version
2.0.54.
In this version I find a mod_auth_ldap.so in the modules map (C:/Program
Files/apache group/apache/modules).

So indeed it lookes like "it comes out of the box". 

Still manuals for apache
(http://www.muquit.com/muquit/software/mod_auth_ldap/mod_auth_ldap_apach
e2.html)
describe to install a .dll (not a .so) for Windows Users.
The manual that I'm reffering to also suggest an extra installation of
some dll's you should find at a sun-site. 
I've tried this but I found many dll's so I don't know which they want.

So I've tried to install the option in the config file like this:

	ldap_auth_module modules/mod_auth_ldap.so

And I've tried it like this:

	ldap_auth_module D:/apache_files/mod_auth_ldap.so

Both times my apache server crashed. (didn't want to restart).
My log files give me something like this: 
The I/O operation has been aborted because of either a thread exit or an
application request.  : winnt_accept: Asynchronous AcceptEx failed.

Thanks 


Pamela



-----Oorspronkelijk bericht-----
Van: Andrew Musselman [mailto:Andrew@xxxxxxx]
Verzonden: vrijdag 19 augustus 2005 19:50
Aan: users@xxxxxxxxxxxxxxxx
Onderwerp: [users@httpd] mod_auth_ldap

I have read that mod_auth_ldap comes "out of the box" in Apache 2.0 and
up, but I'm not sure how to enable it.

Is it as simple as adding something like this to httpd.conf:
LoadModule ldap_auth_module libexec/apache2/mod_auth_ldap.so

Or are there other steps?  I don't see it in the FreeBSD ports tree.

Thanks,
Andrew

Andrew Musselman
andrew@xxxxxxx 

>>> sanguis@xxxxxxxxx 8/19/2005 10:20:08 AM >>>
> I have apache running on my Windows 2000 Machine with SSL.  Runs OK,

> but in order to start apache with SSL I must start it up in a dos 
> window.

Remove all 'IfDefine SSL' things in your httpd.conf, and the thing
should use SSL automagically.

If you don't want this, and have Apache as service, you can give extra
parameters (like -DSSL) in the service properties.

Joost


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx 
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx 
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx 
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx 
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx 
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx 
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx 
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx 
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx 
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx 
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux