On Thu, Mar 18, 2010 at 1:25 PM, <[email protected]> wrote: > Hi, > > when I use the following AuthLDAPURL > > "ldap://adserver/ou=city1,dc=abc,dc=com?sAMAccountName?sub?(&(objectClass=user)(!(objectClass=computer)))" > NONE > > I can authenticate any user in "ou" city1. > > If I replace the AuthLDPAURL by > > "ldap://adserver/dc=abc,dc=com?sAMAccountName?sub?(&(objectClass=user)(!(objectClass=computer)))" > NONE > > I get an Apache 2.2 internal error and in the error log the following message: > > [debug] mod_authnz_ldap.c(379): [client xxxx] [8655] auth_ldap authenticate: > using URL > ldap://adserver/dc=abc,dc=com?sAMAccountName?sub?(&(objectClass=user)(!(objectClass=computer))) > [info] [client xxxx] [8655] auth_ldap authenticate: user myusername > authentication failed; URI /test/ [ldap_search_ext_s() for user > failed][Operations error] > > When I do ldapsearch ... -b 'dc=abc,dc=com' > '(&(objectClass=user)(!(objectClass=computer))(samaccountname=myusername)', > the Active Directory server returns data, which seems to imply that there's > something wrong with the mod_authnz_ldap module, or with the way I set it up > or use it.
Can you look at the differences on the wire via e.g. wireshark? This should make the difference in the search pretty easy to spot. -- Eric Covener [email protected] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [email protected] " from the digest: [email protected] For additional commands, e-mail: [email protected]
