Re: Apache2 + LDAP (autentication and Group)

To: debian-user@lists.debian.org
Subject: Re: Apache2 + LDAP (autentication and Group)
From: Guillaume <silencer@free-4ever.net>
Date: Wed, 16 Jan 2008 08:26:32 +0100
Message-id: <[🔎] 478DB1A8.9080408@free-4ever.net>
In-reply-to: <[🔎] 478D03E2.5000005@auroraalimentos.com.br>
References: <[🔎] 478D03E2.5000005@auroraalimentos.com.br>

Márcio Luciano Donada a écrit :

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi people,
I am trying to authenticate the apache2 with members of a certain groupthat's in my base ldap, but I am not able to operate, below myconfiguration:
<Directory "/var/www/html/investimentos">
~                Options Indexes FollowSymlinks Multiviews
~                AuthType Basic
~ AuthName "Essa area e de acesso restrito, tudo o quefor feito esta sendo monitorado!"
~                AuthBasicProvider ldap
~                AuthzLDAPAuthoritative off
~ AuthLDAPURLldap://pdc-srv.auroraalimentos.com.br/cn=INVESTIMENTOS,ou=Grupos,dc=auroraalimentos,dc=com,dc=br
~                AllowOverride AuthConfig
~                require ldap &(uid=*)
~                #require valid-user
~                allow from all
</Directory>

# cat /var/log/apache2/error.log
[Tue Jan 15 17:56:04 2008] [warn] [client 121.1.16.22] [6395] auth_ldapauthenticate: user mdonada authentication failed; URI /investimentos/[User not found][No such object][Tue Jan 15 17:56:04 2008] [error] [client 121.1.16.22] user mdonada notfound: /investimentos/[Tue Jan 15 17:56:06 2008] [warn] [client 121.1.16.22] [6395] auth_ldapauthenticate: user mdonada authentication failed; URI /investimentos/[User not found][No such object][Tue Jan 15 17:56:06 2008] [error] [client 121.1.16.22] user mdonada notfound: /investimentos/[Tue Jan 15 17:56:08 2008] [warn] [client 121.1.16.22] [6395] auth_ldapauthenticate: user mdonada authentication failed; URI /investimentos/[User not found][No such object][Tue Jan 15 17:56:08 2008] [error] [client 121.1.16.22] user mdonada notfound: /investimentos/[Tue Jan 15 17:56:18 2008] [warn] [client 121.1.16.22] [6395] auth_ldapauthenticate: user mdonada authentication failed; URI /investimentos/[User not found][No such object][Tue Jan 15 17:56:18 2008] [error] [client 121.1.16.22] user mdonada notfound: /investimentos/
# id mdonada
uid=1023(mdonada) gid=513(Usuarios Dominio) grupos=513(UsuariosDominio),106(downloads),114(cpedidos),119(dba),1000(CPD),1060(Internet),1061(mdonada),1062(controladoria),1066(ADMSITE),1067(pcv),1069(INVESTIMENTOS)
Some ideias?

Hi,

Here is what I do for LDAP auth:
AuthType Basic
AuthName "Subversion Nagios SNMP plugins"
AuthBasicProvider ldap
AuthLDAPBindDN "cn=bind,dc=external"
AuthLDAPBindPassword "P0uet"

AuthLDAPURLldap://ldap.server.external:389/ou=utilisateurs,ou=apache,dc=externe?cn?sub?(objectClass=person)

require ldap-group cn=svn,ou=groupes,ou=apache,dc=externe

And this is working, I think in your LDAP url, you need to add:?cn?sub?(objectClass=person)cn is for what you are looking for, sub is to tell to server thatrequest is recursive and (objectClass=person) is one of the objectclassof the object


Regards
Guillaume

Reply to:

Follow-Ups:
- Re: Apache2 + LDAP (autentication and Group)
  - From: Márcio Luciano Donada <mdonada@auroraalimentos.com.br>

References:
- Apache2 + LDAP (autentication and Group)
  - From: Márcio Luciano Donada <mdonada@auroraalimentos.com.br>

Prev by Date: Re: [OT] top posting
Next by Date: Re: Scim in sid [solved] --> General guide for SCIM under English
Previous by thread: Apache2 + LDAP (autentication and Group)
Next by thread: Re: Apache2 + LDAP (autentication and Group)
Index(es):
- Date
- Thread