Hi, Anton Yakimov schrieb:
Hi everyone, I have a strange error with authnz_ldap_module. I have searched the web and tried a lot of combinations, but nothing helps. This list is my only hope (ok, not the only, I cab also try svnserve+sasl+ldap). Here is my subversion.conf: LoadModule dav_svn_module modules/mod_dav_svn.so <Location /repos> DAV svn SVNPath /var/www/svn/repos AuthName "Test repository" AuthType Basic AuthBasicProvider ldap AuthLDAPUrl "ldap://server.three.two.one:389/dc=three, dc=two, dc=one?sAMAccountName?sub?(objectClass=*) NONE" AuthLDAPBindDN "admin@xxxxxxxxxxxxx" AuthLDAPBindPassword "password" Require valid-user </Location> And here are related error.log strings: ... [Thu Feb 26 16:47:11 2009] [debug] mod_authnz_ldap.c(373): [client 192.168.12.138] [11270] auth_ldap authenticate: using URL ldap://server.three.two.one:389/dc=three, dc=two, dc=one?sAMAccountName?sub?(objectClass=*) NONE [Thu Feb 26 16:47:11 2009] [warn] [client 192.168.12.138] [11270] auth_ldap authenticate: user authentication failed; URI /repos [ldap_search_ext_s() for user failed][Bad search filter]
Do you have ldapsearch installed? try# ldapsearch -x -h server.three.two.one -D admin@xxxxxxxxxxxxx -w password -b dc=three,dc=two,dc=one sAMAccountName=UsernameToTry
What does it say? "sub" and "objectclass=*" may be the defaults anyway. Marc --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx