RE: [users@httpd] LDAP authentication to dav folder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 

-----Original Message-----
From: Craig Jackson [mailto:CJackson@xxxxxxxxxxxxxxxxx] 
Sent: Monday, August 28, 2006 5:02 PM
To: users@xxxxxxxxxxxxxxxx
Subject: [users@httpd] LDAP authentication to dav folder

Samba with ldap backend authenticates samba users. An ldif example for a
user looks like this:

dn: uid=craig,ou=users,dc=abbott-simses,dc=com
uid: craig
sambaSID: sid id
sambaPrimaryGroupSID: grp id
displayName: Samba User
objectClass: sambaSamAccount
objectClass: account
structuralObjectClass: account
entryUUID: 9ae5c990-91c3-102a-8f9f-ce821b1d4ee9
creatorsName: cn=admin,dc=abbott-simses,dc=com
createTimestamp: 20060616203700Z
sambaPwdMustChange: 9223372036854775807
sambaPasswordHistory:
00000000000000000000000000000000000000000000000000000000
 00000000
sambaAcctFlags: [U          ]
sambaPwdCanChange: 1155656650
sambaLMPassword: pass
sambaNTPassword: pass
sambaPwdLastSet: 1155656650
entryCSN: 20060815154410Z#000001#00#000000
modifiersName: cn=root,dc=abbott-simses,dc=com
modifyTimestamp: 20060815154410Z


I also want to set up apache webdav to the same user folders witjh ldap
authentication. But I get authentication error.

Here's the relevant part of apache2.conf from testing Debian

Alias /craig /hou-1/general/USERS/Craig
<Directory /craig>
        Options Indexes MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
</Directory>
<Location /craig>
        DAV on
        AllowOverride None
        Satisfy all
        SSLRequireSSL
        Options Indexes MultiViews
        AuthType Basic
        AuthName "Abbott, Simses & Kuchler: Net Folders"
        AuthLDAPEnabled on
        AuthLDAPURL
ldap://127.0.0.1:389/ou=users,dc=abbott-simses,dc=com?uid??(objectclass=
*)
        Require user craig
</Location>

The Apache log entry looks like this:
Access.log
192.168.193.30 - "" [28/Aug/2006:16:41:39 -0500] "PROPFIND /craig
HTTP/1.0" 401 401 Error.log [Mon Aug 28 16:41:39 2006] [warn] [client
192.168.193.30] [3895] auth_ldap authenticate: user  authentication
failed; URI /craig [User not found][No such object]


Apache supplies a login prompt asking for user name and password. What
happens to the password? There is no password attribute for user craig.
Does apache compare passwords? There is no mention of user password in
the mod_auth_ldap help section. I think I need a hint here, because I'm
sure I'm missing something really simple.

Using Apache 2 on Debian testing.

Thanks,

Craig 

---------------------------------------------------------------------


RESPONSE:

Problem has been solved by adding userPassword attribute to LDAP.

Craig
--------
In most areas of the universe one plus one is also known as two.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux