On Tuesday 12 June 2007 15:49, Henning Brauer wrote:
> * Thierry Lacoste <[EMAIL PROTECTED]> [2007-06-12 15:27]:
> > On Tuesday 12 June 2007 15:07, Henning Brauer wrote:
> > > * Thierry Lacoste <[EMAIL PROTECTED]> [2007-06-12 14:35]:
> > > > Hello,
> > > >
> > > > I'm using mod_auth_ldap-1.6.0p3 on OpenBSD 4.1
> > > > and I'd like to make it authenticate on 2 LDAP servers
> > > > in case one is down.
> > > >
> > > > I fought with the AuthLDAPURL directive but with no success.
> > >
> > > AuthName "something good"
> > > AuthType Basic
> > > AuthLDAPURL ldap://a.ldap.bsws.de b.ldap.bsws.de/ou=..?uid?sub?objectclass=...
> > > AuthLDAPBindDN cn=http-auth,...
> > > AuthLDAPBindPassword ...
> > > AuthLDAPStartTLS off # broken... stupid OpenLDAP
> >
> > Argh, is this because of AuthLDAPStartTLS that I couldn't make it work?
> > I will try it just out of curiosity but I've just configured my OpenLDAP
> > servers to reject non-TLS connections.
> > I don't like the idea of cleartext passwords on the wire ...
>
> Neither do I, nor do I fully remember what the problem was. Maybe time
> to retry.

Well, it actually seems to work perfectly with my two OpenLDAP servers and TLS.
This is on OpenBSD 3.8 and I will try tomorrow with 4.1.
AFAICS my problem was just a matter of using the correct syntax for AuthLDAPURL.

Thank you very much.
Thierry.

PS: FWIW I don't use AuthLDAPBindDN nor AuthLDAPBindPassword.