Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

apache2 + ldap (AD) working but it's not

Status
Not open for further replies.

vortmax

Technical User
Aug 1, 2006
46
US
I'm attempting to authorize apache against an Active Directory server. I've been fighting with it all day and have it working, but not really.

Here is my conf.d entry for the site:

Code:
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Order allow,deny 
   Allow from all
   AuthName "Nagios Access"
   AuthType Basic
   AuthBasicProvider ldap
   AuthLDAPURL "ldap://adc.*******.net/OU=****** Users,dc=******,dc=net?sAMAccountName?sub?"
  AuthLDAPBindDN "helpdesk@******.net"
  AuthLDAPBindPassword *******
  Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Order allow,deny
   Allow from all
   AuthName "Nagios Access"
   AuthType Basic
   AuthBasicProvider ldap
   AuthLDAPURL "ldap://adc.*****.net/OU=***** Users,dc=*****,dc=net?sAMAccountName?sub?"
   AuthLDAPBindDN "helpdesk@****.net"
   AuthLDAPBindPassword *****
   Require valid-user
</Directory>

I know my LDAPURL, user, password and binding works, as I've tried it on the command line with ldapsearch

The interesting thing is when I attempt to access the site, I get the user/pass dialog and it asks for my username and pass 3 times before exiting to the 'Authorization Required' page. However, no errors are thrown in the logs. If I enter a bad username or a bad password, then I get the expected error in the log.

So it's as if LDAP authentication is working, but apache continues to block access. Is there something I'm missing here?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top