I've been through Google and the online docs and release notes today, and can't figure out how to solve this one. I've got a Windows 2003 Server running Apache 2.0.55 and Active Directory. I am attempting to to use Apache's mod_auth_ldap to control access on a per-directory basis with .htaccess files, by authenticating with LDAP against Active Directory. When I access the protected directory, I get the expected authentication dialog in my browser(s), and at that point Apache is still running on the server. When I put in my username and password and submit, the Apache service dies a few seconds later. I am able to bind to AD using LDAP with PHP's functions for doing so, and Apache does not crash. I'm also able to access AD with "ldapbrowser", so I am confident my username, password, domain, etc., are correct. In any case I would not expect incorrect logon info to crash the server process. There are some notes in the release doc that 2.0.55 addressed some issues with LDAP, but .56, .57 and .58 don't reference LDAP changes at all. Here's my .htaccess file, with names changed to protect the innocent: AuthType Basic AuthName "LDAP Test" AuthLDAPEnabled on AuthLDAPUrl ldap://home.mydomain.com/cn=Users,dc=mydomain,dc=com?sAMAccountName?sub AuthLDAPBindDN "sAMAccountName=dbuettner,cn=Users,dc=mydomain,dc=com" AuthLDAPBindPassword secret require valid-user A sample of the Apache log: [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(785): [5456] auth_ldap url parse: `ldap://home.mydomain.com/cn=Users,dc=mydomain,dc=com?sAMAccountName?sub' [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(806): [5456] auth_ldap url parse: Host: home.mydomain.com [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(808): [5456] auth_ldap url parse: Port: 389 [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(810): [5456] auth_ldap url parse: DN: cn=Users,dc=mydomain,dc=com [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(812): [5456] auth_ldap url parse: attrib: sAMAccountName [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(814): [5456] auth_ldap url parse: scope: subtree [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(819): [5456] auth_ldap url parse: filter: (null) [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(884): LDAP: auth_ldap not using SSL connections [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(337): [client 12.34.56.78] [5456] auth_ldap authenticate: using URL ldap://home.mydomain.com/cn=Users,dc=mydomain,dc=com?sAMAccountName?sub [Thu Jun 15 16:55:16 2006] [debug] mod_auth_ldap.c(342): [client 12.34.56.78] [5456] auth_ldap authenticate: ap_get_basic_auth_pw() returns 401 [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(785): [5456] auth_ldap url parse: `ldap://home.mydomain.com/cn=Users,dc=mydomain,dc=com?sAMAccountName?sub' [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(806): [5456] auth_ldap url parse: Host: home.mydomain.com [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(808): [5456] auth_ldap url parse: Port: 389 [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(810): [5456] auth_ldap url parse: DN: cn=Users,dc=mydomain,dc=com [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(812): [5456] auth_ldap url parse: attrib: sAMAccountName [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(814): [5456] auth_ldap url parse: scope: subtree [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(819): [5456] auth_ldap url parse: filter: (null) [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(884): LDAP: auth_ldap not using SSL connections [Thu Jun 15 16:55:23 2006] [debug] mod_auth_ldap.c(337): [client 12.34.56.78] [5456] auth_ldap authenticate: using URL ldap://home.mydomain.com/cn=Users,dc=mydomain,dc=com?sAMAccountName?sub [Thu Jun 15 16:55:27 2006] [notice] Parent: child process exited with status 3221225477 -- Restarting. The Windows event logs only note that the Apache2 service exited - no details. Has anyone else encountered something like this? Suggestions welcomed. Dan --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|