On 11/7/06, Christophe Gravier <christophe.gravier@xxxxxxxxxxxxxxxxxx> wrote:
Hello, Nobody is using ldap based authentication and authorization, based on group ?
Your configuration looks identical to mine, except my group
memberships are based on 'member' instead of 'uniquemember' -- but
they're the 2 values tried by apache by default.
You'd probably learn an immense amount of info by looking at an IP
trace between Apache and LDAP formatted by wireshark/ethereal.
Another interesting thing if you're linked against openldap and have
mysterious errors is to turn on debugging in the LDAP library, which
will be dumped to the errorlog. I've been unlucky getting any
environment variable or openldap config file to affect things, but you
can add the following to the util_ldap.c post-config hook:
+{
+ int LDAP_DEBUG_LEVEL = -1;
+ ldap_set_option(NULL , LDAP_OPT_DEBUG_LEVEL, &(LDAP_DEBUG_LEVEL));
+}
--
Eric Covener
covener@xxxxxxxxx
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|