Apache2 & LDAP

[jasonyates]

Hi,

I've been pulling my hair out over this for a few days now, i'm trying to get apache to authorize a user based on their AD credentials. I've got mod_auth_ldap install and working as far as I can tell I just can't seem to get the .htaccess file working.

My current code is:

Code:

Order deny,allow
Deny from All
AuthName "Intranet"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPBindDN "cn=LDAPUser,cn=Users,dc=internal,dc=distortedlogic,dc=net"
AuthLDAPBindPassword PASSWORD
AuthLDAPURL ldap://localhost:389/dc=internal,dc=distortedlogic,dc=net?sAMAccountName?sub?(objectClass=*)
Require valid-user
Satisfy any

When visit the protected page I get the login prompt but get no further. I've tried a mix of things i've found online and have managed to generate every error message under the sun. I've also tried various logins ranging from DOMAIN\Username to Username@domain but to no avail.

Incase it helps, my users are stored in the Users container under the root of the domain.

I'm sure that LDAP is working properly because i'm able to get PHP to authenticate against it perfectly fine.

Any help would be greatly appreciated.

Regards

[RichardDS]

Can't see where you are going wrong but here is my conf I use to protect subversion:

Code:

    <Directory />
     Options FollowSymLinks
     Order allow,deny
     Allow from all

     AuthLDAPAuthoritative on
     AuthType Basic
     AuthName "CNCS Domain Subversion Access"
     AuthLDAPBindDN "CN=Apache LDAP,OU=Service Accounts,DC=cncs,DC=co,DC=uk"
     AuthLDAPBindPassword <password>
     AuthLDAPURL "ldap://skoda.cncs.co.uk:389/OU=Users,OU=Administrators,DC=cncs,DC=co,DC=uk?sAMAccountName?sub?(objectClass=*)"
    </Directory>

[jasonyates]

Thanks richard, I'll try adding it to httpd.conf as opposed to a .htaccess file shortly and let you know how it goes.

Regards

[jasonyates]

Hi,

I've tried everything I can think of including installing a different windows apache server, i've gone from wamp to XAMPP.

I still cant get the damn authentication to work. I've tried several different users with varying permissions in the bind string and loads of users in the actual login. The error im currently getting is:

[Mon Nov 05 23:02:23 2007] [warn] [client 86.20.154.122] [2944] auth_ldap authenticate: user nath authentication failed; URI /test/ [LDAP: ldap_simple_bind_s() failed][Invalid Credentials]
[Mon Nov 05 23:02:23 2007] [error] [client 86.20.154.122] user nath: authentication failure for "/test/": Password Mismatch

however I know that the credentials work.

[Geoff]

Code:

AuthLDAPBindDN "CN=Apache LDAP,OU=Service Accounts,DC=cncs,DC=co,DC=uk"

should be

Code:

AuthLDAPBindDN "Apache LDAP@Service Accounts.cncs.co.uk"

I'm dubious about the spaces though. If you still have problems, Try removing them.