Re: mod_authnz_ldap module and Microsoft AD LDAP Server

Hi, Eric. Thank you for your answers.

I've tried to do what you said, setting the directive AuthBasicProvider as below:
 
AuthBasicProvider ldap file
 
But the problem is the same. Apache doesn't check the flat file, as you can see in the log below:
=================================================================
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(849): [5053] auth_ldap url parse: `ldap://ldapserver:3268/dc=domain,dc=com?cn'
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(858): [5053] auth_ldap url parse: Host: ldapserver:3268
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(860): [5053] auth_ldap url parse: Port: 3268
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(862): [5053] auth_ldap url parse: DN: dc=domain,dc=com
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(864): [5053] auth_ldap url parse: attrib: cn
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(866): [5053] auth_ldap url parse: scope: base
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(871): [5053] auth_ldap url parse: filter: (null)
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(951): LDAP: auth_ldap not using SSL connections
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(373): [client 10.10.10.10] [5053] auth_ldap authenticate: using URL ldap://ldapserver:3268/dc=domain,dc=com?cn, referer: http://webserver
[Tue Oct 21 15:49:38 2008] [warn] [client 10.10.10.10] [5053] auth_ldap authenticate: user admin authentication failed; URI /std/cgi-bin/login.cgi [ldap_simple_bind_s() to check user credentials failed][Invalid credentials], referer: http://webserver
[Tue Oct 21 15:49:38 2008] [error] [client 10.10.10.10] user admin: authentication failure for "/std/cgi-bin/login.cgi": Password Mismatch, referer: http://webserver
=================================================================
 
I've forgotten to send the Apache version:
 
Installed Packages
Name   : httpd
Arch   : i386
Version: 2.2.3
Release: 11.el5_1.3
Size   : 2.8 M
Repo   : installed
Summary: Apache HTTP Server
 
It is installed on a Red Hat Linux Server release 5.2.
 
Thank you again.
Rodney.

On Tue, Oct 21, 2008 at 3:27 PM, Eric Covener <covener@xxxxxxxxx> wrote:
On Tue, Oct 21, 2008 at 12:59 PM, Rodney Ramos <rodneyra@xxxxxxxxx> wrote:
> I'm trying to use the mod_authnz_ldap module to authenticate the users in a
> Microsoft AD LDAP Server, but I'm having a lot of problems.
>
> The only configuration that worked was:
>
> AuthName "XXXX"
> AuthType Basic
> AuthBasicProvider ldap
> AuthLDAPUrl "ldap://ldapserver:3268/dc=domain,dc=com?cn"
> AuthLDAPBindDN "ldap_bind_user"
> AuthLDAPBindPassword "ldap_bind_psw"
> AuthzLDAPAuthoritative off
> Require valid-user
>
> Questions:
>
> 1) Why should we use the port 3268 instead of the default one, 389?

On port 389, MSAD might send you on a lengthy wild goose-chase of LDAP
referrals.

>
> 2) Why must we set the AuthzLDAPAuthoritative directive to off?

You don't need it for 2.2.6 and later.

>
> The second problem occurred when I tried to make Apache authenticate the
> users first in an LDAP server and after, if it doesn't find the user there,
> in a flat file. So I added the following line, before the "Require valid-user"
> line:
>
> AuthUserFile /tmp/htpasswd.txt
>
> The problem is that Apache doesn't try to use the flat file to authenticate
> the users. It only uses the LDAP authenticate module, even though the
> directive AuthzLDAPAuthoritative is set to off.

You need to tell basic auth to look there:

AuthBasicProvider ldap file




--
Eric Covener
covener@xxxxxxxxx
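
As an added example (not part of either message in this thread and not Apache project code): a small Python parser for the mod_authnz_ldap error-log lines quoted above that extracts the parsed URL fields, flags non-SSL LDAP binds and counts failed binds per client and user. The sample log is constructed from the format shown in the thread, and the `threshold` parameter is an assumed tuning value.

```python
import re
from collections import Counter

# Constructed sample in the Apache 2.2 error-log format quoted in this thread.
SAMPLE_LOG = """\
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(858): [5053] auth_ldap url parse: Host: ldapserver:3268
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(866): [5053] auth_ldap url parse: scope: base
[Tue Oct 21 15:49:38 2008] [debug] mod_authnz_ldap.c(951): LDAP: auth_ldap not using SSL connections
[Tue Oct 21 15:49:38 2008] [warn] [client 10.10.10.10] [5053] auth_ldap authenticate: user admin authentication failed; URI /std/cgi-bin/login.cgi [ldap_simple_bind_s() to check user credentials failed][Invalid credentials], referer: http://webserver
[Tue Oct 21 15:49:39 2008] [warn] [client 10.10.10.10] [5053] auth_ldap authenticate: user admin authentication failed; URI /std/cgi-bin/login.cgi [ldap_simple_bind_s() to check user credentials failed][Invalid credentials], referer: http://webserver
"""

LINE = re.compile(r"^\[(?P<ts>[^\]]+)\] \[(?P<level>\w+)\] (?:\[client (?P<client>[^\]]+)\] )?(?P<msg>.*)$")
URL_FIELD = re.compile(r"auth_ldap url parse: (?P<key>Host|Port|DN|attrib|scope|filter): (?P<val>.*)$")
BIND_FAIL = re.compile(r"auth_ldap authenticate: user (?P<user>\S+) authentication failed; "
                       r"URI (?P<uri>\S+) \[(?P<step>[^\]]*)\]\[(?P<reason>[^\]]*)\]")

def summarize(log_text):
    """Return parsed LDAP URL fields, a cleartext-LDAP flag and failed-bind counts."""
    url, cleartext, failures = {}, False, Counter()
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m.group("msg")
        if (f := URL_FIELD.search(msg)):
            url[f.group("key").lower()] = f.group("val")
        elif "auth_ldap not using SSL connections" in msg:
            cleartext = True
        elif (b := BIND_FAIL.search(msg)):
            failures[(m.group("client"), b.group("user"), b.group("reason"))] += 1
    return {"url": url, "cleartext_ldap": cleartext, "failures": failures}

def findings(summary, threshold=2):
    """Turn the summary into review findings; threshold is an assumed tuning value."""
    out = []
    if summary["cleartext_ldap"]:
        out.append("LDAP binds are not using SSL: simple binds send user passwords unencrypted")
    for (client, user, reason), n in summary["failures"].items():
        if n >= threshold:
            out.append(f"{n} failed binds for {user} from {client} ({reason})")
    return out

if __name__ == "__main__":
    for line in findings(summarize(SAMPLE_LOG)):
        print(line)
```
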

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.