Re: Apache2.2.4 - LDAP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi again,


Hey Thanks - that totally got me to my hopefully last problem - Any idea
on the below ?


[Mon Apr 23 14:45:21 2007] [warn] [client 127.0.0.1] [2124] auth_ldap
authenticate: user XXXXX\\VTLU authentication failed; URI / [LDAP:
ldap_simple_bind_s() failed][Invalid Credentials]
[Mon Apr 23 14:45:21 2007] [error] [client 127.0.0.1] user XXXXX\\VTLU:
authentication failure for "/": Password Mismatch
To authenticate the request to the LDAP server, you need an AuthLDAPBindDN directive like 
AuthLDAPBindDN "cn=ldap-user, dc=testnet, dc=local"
The AuthLDAPRemoteUserAttribute directive you used merely sets the REMOTE_USER environment variable but doesn't specify the user for the LDAP bind. 

Regards
Sascha

-----Original Message-----
From: Sascha Kersken [mailto:sk@xxxxxxxxxxxxx]
Sent: Monday, April 23, 2007 2:00 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  Apache2.2.4 - LDAP

Hi,


[Mon Apr 23 13:37:34 2007] [notice] Child 3880: Starting thread to

listen

on port 7070.
[Mon Apr 23 13:37:40 2007] [error] Internal error: pcfg_openfile()

called

with NULL filename
[Mon Apr 23 13:37:40 2007] [error] [client 127.0.0.1] (9)Bad file
descriptor: Could not open password file: (null)



Could it be the AuthName ? I have it set to my user id


No, auth name is the realm; i.e. the authentication context (provided
within
the login box by the browser).


<Directory />
            Order allow,deny
            Allow from all
            AuthType Basic
            AuthName vtlu
            AuthzLDAPAuthoritative on
            AuthLDAPUrl ldap://aaa.bbbb.org:389/basedn?sAMAccountName?
            AuthLDAPRemoteUserAttribute vtlu
            AuthLDAPBindPassword xxxxxx
            require valid-user
</Directory>



With Apache 2.2, you need to add the line
 AuthBasicProvider ldap
If you don't, Apache presumes the file provider and looks for an
AuthUserFile directive which you don't provide here (because you want
ldap).
That's the reason for the "NULL filename" error message.


Regards
Sascha

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux