LinuxQuestions.org
05-14-2008, 04:13 PM   #1
kcorupe
Member
 
Registered: Nov 2004
Location: Arizona
Distribution: Arch
Posts: 107

Rep: Reputation: 15
ldap apache auth issues


I'm trying to get LDAP authentication working in Apache. So far I have it connecting and looking up the user in OpenLDAP, but for some reason it always says mismatched passwd?

So I set my ldap passwd just to make sure:
Code:
[root@****** kyle]# ldappasswd -D "cn=root,dc=*******,dc=internal" -W -H ldaps://*******.*******.internal -x "uid=kcorupe,ou=Users,dc=*******,dc=internal"
Enter LDAP Password: 
New password: fecEfe
Result: Success (0)


I see Apache connecting to the OpenLDAP server:

Code:
>>> dnPrettyNormal: <uid=kcorupe,ou=Users,dc=corpedia,dc=internal>
=> ldap_bv2dn(uid=kcorupe,ou=Users,dc=corpedia,dc=internal,0)
<= ldap_bv2dn(uid=kcorupe,ou=Users,dc=corpedia,dc=internal)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=kcorupe,ou=Users,dc=corpedia,dc=internal)=0 
=> ldap_dn2bv(272)
<= ldap_dn2bv(uid=kcorupe,ou=users,dc=corpedia,dc=internal)=0 
<<< dnPrettyNormal: <uid=kcorupe,ou=Users,dc=corpedia,dc=internal>, <uid=kcorupe,ou=users,dc=corpedia,dc=internal>
do_bind: version=3 dn="uid=kcorupe,ou=Users,dc=corpedia,dc=internal" method=128
==> bdb_bind: dn: uid=kcorupe,ou=Users,dc=corpedia,dc=internal
bdb_dn2entry("uid=kcorupe,ou=users,dc=corpedia,dc=internal")
send_ldap_result: conn=21 op=2 p=3
send_ldap_result: err=49 matched="" text=""
send_ldap_response: msgid=3 tag=97 err=49
ber_flush: 14 bytes to sd 18
connection_get(18)
connection_get(18): got connid=21
connection_read(18): checking for input on id=21
ber_get_next
ber_get_next: tag 0x30 len 5 contents:
ber_get_next
do_unbind
ber_get_next on fd 18 failed errno=0 (Success)
connection_read(18): input error=-2 id=21, closing.
connection_closing: readying conn=21 sd=18 for close
connection_close: deferring conn=21 sd=18
connection_resched: attempting closing conn=21 sd=18
connection_close: conn=21 sd=18

And this is all that I see in error_log for Apache, and I have the debug level set:

Code:
[Wed May 14 13:05:49 2008] [warn] [client 10.0.0.214] [13123] auth_ldap authenticate: user kcorupe authentication failed; URI / [ldap_simple_bind_s() to check user credentials failed][Invalid credentials]
[Wed May 14 13:05:49 2008] [error] [client 10.0.0.214] user kcorupe: authentication failure for "/": Password Mismatch

See, all it says is passwd mismatch, but I am supplying the correct passwd, and it is looking up the correct user in LDAP.

Here is my Apache config for that section:

Code:
<Location "/">
Order deny,allow
Deny from All
AuthName "LDAP Test"
AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on
AuthLDAPUrl ldap://*******.********.internal/ou=Users,dc=corpedia,dc=internal?uid
Require valid-user
Satisfy any
</Location>
 
05-16-2008, 04:34 AM   #2
Kenarkies
Member
 
Registered: Nov 2007
Location: South Australia
Distribution: Ubuntu 11.10
Posts: 78

Rep: Reputation: 23
Your Apache config looks OK. Almost certainly LDAP is having trouble. If you bump up the syslog debug level you should be able to see passwords and more detailed LDAP activity (you should have a "debug" log file in your syslog directory - is that where your second listing comes from?). LDAP can be tricky to get going - if you are using LDAP for login authentication, check if you can log in OK.

Ken
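
Added example, not part of the thread or either poster's code: a small parser that pairs each `do_bind` line in a slapd debug trace like the one in post #1 with the result code that follows it, so the directory's own verdict on the bind (49 is invalidCredentials in RFC 4511) can be read apart from Apache's "Password Mismatch" message. The function name, the sample DN and the sample trace are constructed for illustration.

```python
import re

# Result codes from RFC 4511 that commonly appear on a bind.
RESULT = {0: "success", 8: "strongerAuthRequired", 13: "confidentialityRequired",
          32: "noSuchObject", 49: "invalidCredentials",
          50: "insufficientAccessRights", 53: "unwillingToPerform"}
# Bind method tags as slapd prints them (decimal value of the BER tag).
METHOD = {128: "simple", 163: "SASL"}

BIND = re.compile(r'^do_bind: version=(\d+) dn="([^"]*)" method=(\d+)')
CONN = re.compile(r'^send_ldap_result: conn=(\d+) op=(\d+)')
ERR = re.compile(r'^send_ldap_result: err=(\d+) matched="([^"]*)" text="([^"]*)"')

def bind_outcomes(lines):
    """Pair each do_bind with the next result line in a slapd debug trace.

    Assumes the trace is not interleaved between connections, as in the
    excerpt posted in the thread.
    """
    outcomes, pending, conn = [], None, None
    for line in lines:
        line = line.strip()
        if m := BIND.match(line):
            pending = {"dn": m[2], "method": METHOD.get(int(m[3]), m[3])}
            conn = None
        elif pending and (m := CONN.match(line)):
            conn = int(m[1])
        elif pending and (m := ERR.match(line)):
            code = int(m[1])
            outcomes.append({**pending, "conn": conn, "code": code,
                             "result": RESULT.get(code, "other"),
                             "text": m[3]})
            pending = None
    return outcomes

# Constructed sample in the format of the trace above (not the poster's data).
SAMPLE = '''\
do_bind: version=3 dn="" method=128
send_ldap_result: conn=7 op=0 p=3
send_ldap_result: err=0 matched="" text=""
do_bind: version=3 dn="uid=jdoe,ou=Users,dc=example,dc=internal" method=128
send_ldap_result: conn=7 op=2 p=3
send_ldap_result: err=49 matched="" text=""
'''.splitlines()

if __name__ == "__main__":
    for o in bind_outcomes(SAMPLE):
        who = o["dn"] or "(anonymous)"
        print(f'conn={o["conn"]} {o["method"]} bind as {who}: {o["code"]} {o["result"]}')
```
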
 
  


All times are GMT -5.
