Hi Zac,
Not sure if you're still looking for this (I'm playing catch-up), but
this config snippet might provide something to compare against:
AuthType Basic
AuthName "LDAP Authentication"
AuthLDAPUrl ldap://ldap/o=users?cn?sub?(objectclass=Person)
AuthLDAPBindDN cn=readonly,o=admin
AuthLDAPBindPassword nottelling
require group cn=development_team,o=groups
We used AuthLDAPUrl where you have AuthLDAPURL, see if changing that
fixes your problem.
cheers,
dim
On 3/17/07, Zac Morris <[EMAIL PROTECTED]> wrote:
Hi,
I need some help. I've tried Goggle and some forums with no luck on this
one...
I've setup a win32 Apache 2.2.4 server, with the mod_authnz_ldap module.
When I access a protected url I'm getting an Error 500 and the error.log
shows:
[Tue Mar 13 16:26:06 2007] [warn] [client 127.0.0.1] [5496] auth_ldap
authenticate: user devuser authentication failed; URI
/servframe/images/edit.gif [ldap_search_ext_s() for user failed][Protocol
Error]
I'm pointing at an OpenLDAP-2.2.23 repository (running on a different server
on the same subnet).
I've configured Tomcat in a similar way (pointing to the same ldap
repository via the:
<Realm
className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://192.168.1.2/";
userBase="ou=people,o={domain here}"
userSearch="(uid={0})"
/>
...which is working just fine.
From what few hints I'm finding online, it seems that the "protocol error"
can be seen depending on which LDAP SDKS were used during the build of
mod_authnz_ldap? I've tried a couple different version of this library from
various sources all with no luck, and I don't have the setup necessary to
compile it on my own.
Is ANYONE familiar with this problem, and is there a simple way to fix it?
THANKS!
-Zac
P.S. The relevant portion of httpd.conf
<IfModule authnz_ldap_module>
LDAPSharedCacheSize 200000
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600
</IfModule>
Alias /servframe "R:\servframe"
<Directory "R:\servframe">
AllowOverride All
order allow,deny
allow from all
AuthName "servframe"
AuthType Basic
AuthBasicProvider ldap
AuthLDAPURL ldap://192.168.1.2:389/ou=people,o={domain
here}?uid?sub?(objectClass=*)
AuthzLDAPAuthoritative off
require valid-user
</Directory>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
