I did:
ldapsearch -x ""
and it gave a list of pretty much everything in active directory.... so I
don't want to post the whole thing. Also, I think apache doesn't use the
ldap.conf file anyways.
So I know that part is working. I changed a few things here also now.
httpd.conf:
<Directory "/path/to/dir">
AuthLDAPEnabled On
AuthName "AuthName"
AuthType Basic
AuthLDAPBindDN "cn=linuxboxUser,ou=UserOrganization,dc=domain,dc=com"
AuthLDAPBindPassword "password"
AuthLDAPURL ldap://ip.to.active.directory/dc=domain,dc=com?sAMAccountName?sub?((objectClass=*)(memberOf=cn=cnName,ou=ouName,dc=domain,dc=com))
require valid-user
</Directory>
the error log shows this:
[Mon Mar 22 16:07:48 2004] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Mon Mar 22 16:07:48 2004] [notice] Accept mutex: sysvsem (Default: sysvsem)
the access log shows this:
192.168.1.154 - - [22/Mar/2004:16:08:48 -0600] "GET /josh HTTP/1.1" 401 521 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; .NET CLR 1.1.4322)"
and now it just sits there forever.....
I'm not sure what's going on 'cause there is no error now, but the page
doesn't load.
-Josh
> -----Original Message-----
> From: tclug-list-bounces at mn-linux.org
> [mailto:tclug-list-bounces at mn-linux.org]On Behalf Of Jay Kline
> Sent: Monday, March 22, 2004 3:34 PM
> To: tclug-list at mn-linux.org
> Subject: Re: [TCLUG] Auth_LDAP with Active Directory
>
>
>
> What does ldapsearch show?
>
>
> On Mon, Mar 22, 2004 at 12:14:06PM -0600, Josh Close
> (josh at teamfreeze.com) wrote:
> > Does anyone know ANYTHING about this?
> >
> > -Josh
> >
> >
> > > -----Original Message-----
> > > From: tclug-list-bounces at mn-linux.org
> > > [mailto:tclug-list-bounces at mn-linux.org]On Behalf Of Josh Close
> > > Sent: Friday, March 19, 2004 2:23 PM
> > > To: TCLUG (E-mail)
> > > Subject: [TCLUG] Auth_LDAP with Active Directory
> > >
> > >
> > > I'm trying to authenticate active directory users with apache. I haven't
> > > found much documentation on this.
> > >
> > > This is my apache config so far.
> > >
> > > <Directory "/path/to/dir">
> > > AuthLDAPEnabled On
> > > #AuthLDAPBindDN "ip/dc=domain,dc=com,ou=ou here,cn=cn here"
> > > #AuthLDAPBindPassword ""
> > > AuthLDAPURL ldap://ip/CN=cn here,OU=ou here,DC=domain,DC=com
> > > AuthName "AuthName"
> > > AuthType Basic
> > > require valid-user
> > > </Directory>
> > >
> > > I'm getting this error in the apache log.
> > >
> > > [Fri Mar 19 14:19:51 2004] [error] [client myIP] Search must return exactly 1 entry; found 0 entries for search (&(objectclass=*)(uid=joe.user)): URI /dir
> > >
> > > It looks like it's searching AD fine. I'm probably just doing something real
> > > simple and stupid wrong here.
> > >
> > > Any help would be great.
> > >
> > > -Josh
> > >
> > >
> > > _______________________________________________
> > > TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
> > > http://www.mn-linux.org tclug-list at mn-linux.org
> > > https://mailman.real-time.com/mailman/listinfo/tclug-list
> > >
> >
> >
> >
>
> --
> Jay Kline
> http://www.slushpupie.com
>
>
>
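Added example, not part of the thread or of mod_auth_ldap: a small offline checker that splits an AuthLDAPURL into its parts, composes the per-login search filter in the shape shown in the error log above, and verifies that the result is a well-formed LDAP filter. The function names are hypothetical, and the defaults (attribute uid, filter (objectclass=*)) are an assumption inferred from that log line.

```python
import re

# Assumption: defaults inferred from the filter in the thread's error log,
# "(&(objectclass=*)(uid=joe.user))", logged when the URL gave only a base DN.
DEFAULT_ATTR, DEFAULT_FILTER = "uid", "(objectclass=*)"

def parse_auth_ldap_url(url):
    """Split ldap://host[:port]/basedn?attribute?scope?filter into a dict."""
    m = re.match(r"^ldaps?://([^/]*)/(.*)$", url)
    if not m:
        raise ValueError("not an ldap:// or ldaps:// URL")
    base, attr, scope, flt = (m.group(2).split("?", 3) + [""] * 3)[:4]
    return {"host": m.group(1), "base": base, "attr": attr or DEFAULT_ATTR,
            "scope": scope or "sub", "filter": flt or DEFAULT_FILTER}

def check_filter(f, i=0):
    """Return the offset just past one well-formed filter at f[i], else raise."""
    if f[i:i + 1] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    i += 1
    if f[i:i + 1] in ("&", "|", "!"):
        op, i, n = f[i], i + 1, 0
        while f[i:i + 1] == "(":
            i, n = check_filter(f, i), n + 1
        if n == 0 or (op == "!" and n != 1):
            raise ValueError(f"operator {op!r} has wrong operand count")
    else:
        m = re.compile(r"[^=()]+=[^()]*").match(f, i)
        if not m:
            raise ValueError(f"offset {i}: expected &, |, ! or attr=value")
        i = m.end()
    if f[i:i + 1] != ")":
        raise ValueError(f"expected ')' at offset {i}")
    return i + 1

def effective_filter(url, user):
    """Compose the per-login filter; the login name is RFC 4515 hex-escaped."""
    p = parse_auth_ldap_url(url)
    esc = "".join(f"\\{ord(c):02x}" if c in "\\*()\0" else c for c in user)
    composed = f"(&{p['filter']}({p['attr']}={esc}))"
    if check_filter(composed) != len(composed):
        raise ValueError("trailing characters after filter")
    return composed

# FIRST and SECOND are the AuthLDAPURL values from the thread; WITH_AND is constructed.
FIRST = "ldap://ip/CN=cn here,OU=ou here,DC=domain,DC=com"
SECOND = ("ldap://ip.to.active.directory/dc=domain,dc=com?sAMAccountName?sub?"
          "((objectClass=*)(memberOf=cn=cnName,ou=ouName,dc=domain,dc=com))")
WITH_AND = SECOND.replace("?((", "?(&(")
```

effective_filter(FIRST, "joe.user") reproduces the logged filter, effective_filter(SECOND, "joe.user") raises ValueError because the two sub-filters have no &, | or ! operator in front of them, and WITH_AND parses cleanly. The checker only validates syntax; it says nothing about whether the directory will return an entry.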