Thanks very much Karl, I was able to get it working after looking at your conifig. Aaron -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Karl Latiss Sent: Tuesday, June 20, 2006 9:15 PM To: General Red Hat Linux discussion list Subject: RE: Help with apache and ldap authentication I found I always had to turn AuthzLDAPAuthoritative Off for it to work for me but our setup was slightly different. I use: # turn on LDAP authentication and authorization module AuthzLDAPEngine on # define ldap server AuthzLDAPServer server.com.au # set the search base AuthzLDAPUserBase dc=server,dc=com,dc=au # define the search filter (ie what attribute to search in) AuthzLDAPUserKey uid # how to search through the name space AuthzLDAPUserScope subtree # ensure the authorization header is not re-written AuthzLDAPSetAuthorization off # we use ldap authentication and mod_access authorization # to determine access so we need to ensure the process # doesn't finish with mod_authz_ldap AuthzLDAPAuthoritative off AuthType basic AuthName "Something" require user someuser Karl. On Tue, 2006-06-20 at 15:03 -0400, Bliss, Aaron wrote: > Yep, sorry I didn't mention that; the host running apache > authenticates users fine to the ldap server both using ldap and ldaps; > just can't get apache to talk to the ldap server. > > Aaron > > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx > [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Allen Chen > Sent: Tuesday, June 20, 2006 2:29 PM > To: General Red Hat Linux discussion list > Subject: Re: Help with apache and ldap authentication > > Bliss, Aaron wrote: > > I'm running redhat 3 es, apache and all modules including > > mod_authz_ldap are from system rpm's; I'm attempting to restrict > > access to a directory and would like to use ldap authentication; > > below > > > is the relevant section of my httpd.conf file; I'm getting the box > > to enter my credentials when going to the web page, but it seems to > > be failing; any ideas? Thanks very much. > > > > <directory /webroot/www/nessus_summary> AuthType Basic AuthName > > "Private Area" > > # AuthUserFile /usr/local/sbin/htusers AuthzLDAPEngine on > > AuthzLDAPServer "al-lnx-s11.preferredcare.org" > > AuthzLDAPBindDN "ou=users,dc=preferredcare,dc=org" > > #AuthzLDAPMapBase "ou=users,dc=preferredcare,dc=org" > > AuthzLDAPAuthoritative on > > AuthzLDAPSetAuthorization on > > Require valid-user > > </directory> > > > > Confidentiality Notice: > > The information contained in this electronic message is intended for > the exclusive use of the individual or entity named above and may > contain privileged or confidential information. If the reader of this > message is not the intended recipient or the employee or agent > responsible to deliver it to the intended recipient, you are hereby > notified that dissemination, distribution or copying of this > information is prohibited. If you have received this communication in > error, please notify the sender immediately by telephone and destroy > the copies you received. > > > > > > > > Can you ping ldap server al-lnx-s11.preferredcare.org from apache > machine? > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
