Hello!

We had the auth setup under 2.2, which used two AuthnProviderAlias blocks -- one for LDAP and one for a handful of local user accounts not known to the Active Directory:

   <AuthnProviderAlias ldap CorpAD>
      AuthLDAPBindDN "cn=foo,ou=bar,ou=Enterprise Applications,dc=corp,dc=ad,dc=example,dc=com"
      AuthLDAPBindPassword "secret"
      AuthLDAPURL "ldaps://corp.ad.example.com:3269/dc=corp,dc=ad,dc=example,dc=com?sAMAccountName?sub?(objectClass=*)"
      AuthLDAPRemoteUserAttribute sAMAccountName
   </AuthnProviderAlias>

   <AuthnProviderAlias file AdminFile>
      AuthUserFile '/data/servers/apache-scm/conf/admin.passwd'
   </AuthnProviderAlias>

The actual usage of the above was thus:

   AuthType Basic
   AuthName "Who are you?"
   AuthBasicProvider AdminFile CorpAD
   Require valid-user

The config is currently working on our production server, but I'm trying to upgrade the dev-server to 2.4.6. Unfortunately, the 2.4.6 kept rejecting me -- without even trying to perform an LDAP query (LogLevel is set to trace3):

   .... AH01618: user mikhail not found: /foo/...
   .... auth phase 'check user' gave status 401: /foo/....
   .... Response sent with status 401

Bewildered, I decided to forgo the provider-aliasing, and simply copied both the LDAP and the file settings into the location. Suddenly things started to work properly -- the messages from authnz_ldap appear in the log, the lookups succeed, and I'm able to log in...

It looks like I am not alone -- someone else has already asked about this on users@ <http://mail-archives.apache.org/mod_mbox/httpd-users/201212.mbox/%[email protected]%3E>, but got no replies... Please advise. Yours,

   -mi


