+ Post New Thread
Results 1 to 2 of 2
Windows Server 2000/2003 Thread, apache htaccess ldap > server 2003 in Technical; trying to secure a wordpress site running on xampp with ldap and htaccess file it's not working and apache log ...
  1. #1
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,533
    Thank Post
    108
    Thanked 89 Times in 75 Posts
    Blog Entries
    47
    Rep Power
    41

    apache htaccess ldap > server 2003

    trying to secure a wordpress site running on xampp with ldap and htaccess file
    it's not working and apache log files are no help.
    looking at the ldap requests in wireshark

    bindrequest(187) "<root> simple
    bindresponse(187) success
    searchrequest (6710905) dc=domaindnszones, dc=domain, dc=lancs, dc=sch,dc=uk" wholesubtree filter: (&(objectclass=*)(uid=username@domain.etc))
    searchresdone(67109056) operations error ldaperr: DSID-0c090627 in orderr to perform this op a successful bind must be completed

    bindrequest(188) "<root" simple
    bindresponse(188) success
    searchrequest (100663488) dc=configuration, dc=domain, dc=lancs, dc=sch,dc=uk" wholesubtree filter: (&(objectclass=*)(uid=username@domain.etc))
    searchresdone(100663488) operations error ldaperr: DSID-0c090627 in orderr to perform this op a successful bind must be completed

    I think the problem is its not binding with the account details in the htaccess file. i have no idea why tho.

    my htaccess file is:

    Code:
    # Authentication realm and method:
    AuthType Basic
    AuthName "LDAP Auth"
    AuthBasicProvider ldap
    AuthUserFile /dev/null 
    AuthBasicAuthoritative Off 
    
    # DN of Active Directory server
    AuthLDAPUrl ldap://server.domain.lancs.sch.uk:389/DC=domain,DC=lancs,DC=sch,DC=uk??base?(objectClass=*)
    
    # An account in the AD that has enough permissions to perform an LDAP search
    AuthLDAPBindDN username@domain.lancs.sch.uk
    AuthLDAPBindPassword password
    
    # When checking for group membership, use the DN of the user, not the HTTP entry
    AuthLDAPGroupAttributeIsDN on
    
    # Require groups, specifying the DN of the security group
    require group CN=teachergroup,OU=teacherou,DC=domain,DC=lancs,DC=sch,DC=uk
    require group CN=Domain Admins,OU=Adminsou,DC=domain,DC=lancs,DC=sch,DC=uk
    have also tried but to no avail
    AuthLDAPBindDN "CN=domainadminaccount,ou=admins,DC=domain,DC=lanc s,DC=sch,DC=uk"

    I think the problem is its not binding with the account details in the htaccess file. i have no idea why tho.
    Last edited by browolf; 2nd July 2010 at 12:39 PM.

  2. #2
    browolf's Avatar
    Join Date
    Jun 2005
    Location
    Mars
    Posts
    1,533
    Thank Post
    108
    Thanked 89 Times in 75 Posts
    Blog Entries
    47
    Rep Power
    41
    I've discovered I need

    Require valid-user

    in htaccess to force it to use specific credentials when binding

    however now everything succeeds with no errors, it comes back with 0 results and apache logs say [User not found][No Such Object]



SHARE:
+ Post New Thread

Similar Threads

  1. Server 2003 - Seperate severs for Apache, MySql & PHP
    By danIT in forum Windows Server 2000/2003
    Replies: 1
    Last Post: 11th May 2010, 10:13 AM
  2. Apache Server Name not recognised
    By demsley in forum Virtual Learning Platforms
    Replies: 1
    Last Post: 19th October 2009, 11:22 PM
  3. Wildcards in Apache virtual server
    By FN-GM in forum How do you do....it?
    Replies: 1
    Last Post: 16th September 2008, 04:22 PM
  4. .htaccess rewrite rule
    By localzuk in forum Web Development
    Replies: 2
    Last Post: 7th May 2008, 10:43 AM
  5. Run LDAP query intranet server
    By ryan_powell in forum Web Development
    Replies: 4
    Last Post: 18th February 2008, 03:23 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •