Hi all, I'm having a bit of trouble getting mod_authz_ldap to work. I have my OU layout and my posix groups layout included. I'm simply trying to authenticate the user "tnine" against the group
cn=development,ou=Groups,dc=arocksoftware,dc=com I receive the following error, so I'm obviously not getting authorized auth_ldap authenticate: user tnine authentication failed; URI /vcproject/ [ldap_search_ext_s() for user failed][No such object] I have the following settings in my authorization directive. But I have several questions. Any help would be greatly appreciated. 1. I'm using a posixGroup, is that not possible? 2. I have set the log level to debug, but I only get the above line in the error_log. I'd like to see the query string its issuing, is that possible? 3. I thought that by setting the AuthLDAPGroupAttribute it would find my username and authenticate me, is that not correct? Thanks in advance for the help. Todd subversion.conf file <Location /> DAV svn SVNParentPath /srv/svnrepos # Limit write permission to list of valid users. # Require SSL connection for password protection. # SSLRequireSSL AuthType Basic AuthName "ARock Software Subversion" AuthBasicProvider ldap AuthLDAPURL ldap://ldap:389/ require ldap-group cn=development,ou=Groups,dc=arocksoftware,dc=com AuthzLDAPAuthoritative on AuthLDAPGroupAttribute memberUid AuthzLDAPLogLevel debug Require valid-user </Location> Dump of openldap schema dn: dc=arocksoftware,dc=com objectClass: dcObject objectClass: organization dc: arocksoftware o: Arock Software dn: cn=Manager,dc=arocksoftware,dc=com cn: Manager objectClass: organizationalRole objectClass: top dn: ou=Groups,dc=arocksoftware,dc=com ou: Groups objectClass: organizationalUnit objectClass: top dn: cn=development,ou=Groups,dc=arocksoftware,dc=com cn: development gidNumber: 1001 objectClass: posixGroup objectClass: top memberUid: tnine dn: ou=People,dc=arocksoftware,dc=com ou: People objectClass: organizationalUnit objectClass: top dn: ou=Customers,ou=People,dc=arocksoftware,dc=com ou: Customers objectClass: organizationalUnit objectClass: top dn: ou=Employees,ou=People,dc=arocksoftware,dc=com ou: Employees objectClass: organizationalUnit objectClass: top dn: cn=Todd Nine,ou=Employees,ou=People,dc=arocksoftware,dc=com givenName: Todd sn: Nine cn: Todd Nine uid: tnine uidNumber: 1000 gidNumber: 1000 homeDirectory: /home/users/development/ne objectClass: inetOrgPerson objectClass: posixAccount objectClass: top userPassword: {SHA}removed
