Apache2 problem: auth by group with OpenLDAP
Hi all,
I have a problem authenticating users with apache2 from an openldap server using a .htaccess file. The require valid-user and require user XXX work fine, but the require-group doesn't.

Auth works with this file:

    AuthType Basic
    AuthName "LDAP auth"
    AuthLDAPEnabled on
    AuthLDAPUrl ldap://127.0.0.1/dc=myorg,dc=com?uid
    require valid-user

But not with this one:

    AuthType Basic
    AuthName "LDAP auth"
    AuthLDAPAuthoritative on
    AuthLDAPEnabled on
    AuthLDAPUrl ldap://127.0.0.1/dc=leguide,dc=com?uid?sub
    AuthLDAPGroupAttributeIsDN off
    AuthLDAPGroupAttribute memberUid
    require group cn=staff,ou=groups,dc=myorg,dc=com

Nor with this one:

    AuthType Basic
    AuthName "LDAP auth"
    AuthLDAPAuthoritative on
    AuthLDAPEnabled on
    AuthLDAPUrl ldap://127.0.0.1/dc=leguide,dc=com?uid?sub
    require group cn=staff,ou=groups,dc=myorg,dc=com

I have tried a lot of combinations, but it still doesn't work. I have also tried with "require group staff" or "require ldap-group cn=staff,ou=groups,dc=myorg,dc=com", but still the same. I have tried with groups of the following objectClasses: groupOfNames, groupOfUniqueNames, posixGroup, sambaGroupMapping. This has not solved the problem.

Here is some info that might be useful for anyone who would want to help me ;)

    root@ldap-test:~# ls /etc/apache2/mods-enabled/
    actions.load auth_ldap.load cgi.load php5.load
    root@ldap-test:~# slapd -V
    @(#) $OpenLDAP: slapd 2.2.26 (Oct 31 2005 09:10:53) $
    root@ldap-test:~# uname -a
    Linux ldap-test 2.6.15-1-486 #2 Mon Mar 6 15:19:16 UTC 2006 i686 GNU/Linux

Here are the ldif entries of the groups I have tried to authenticate:

    dn: cn=staff,ou=namesGroups,dc=myorg,dc=com
    cn: staff
    uniqueMember: uid=charlie.root,ou=users,dc=myorg,dc=com
    objectClass: groupOfUniqueNames
    objectClass: top

    dn: cn=staff,ou=groups,dc=myorg,dc=com
    objectClass: sambaGroupMapping
    objectClass: posixGroup
    sambaGroupType: 2
    sambaSID: S-1-5-21-42642190-1432053433-274702310-3003
    cn: staff
    userPassword:
    displayName: staff
    gidNumber: 1001
    memberUid: charlie.root

My user's dn is "uid=charlie.root,ou=users,dc=myorg,dc=com" and its objectClass is inetOrgPerson + posixAccount.

Thanks for your help, I have already spent days of google & forum searches with this...

Regards,
Jeremy
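
Added example, not part of the original post and not mod_auth_ldap code: an offline model of the two LDAP steps a `require group` rule depends on (the user search under the AuthLDAPUrl base DN, then the compare against the group entry), run on entries constructed from the LDIF quoted above. The function names, the simplified DN normalization and the defaults used (`member`/`uniquemember`, DN comparison on, as in the module's documentation) are assumptions of this sketch.

```python
# Added example: offline model of the two LDAP steps behind "require group".
# Entries are constructed from the LDIF quoted in the post; this is not
# mod_auth_ldap code, and DN comparison is simplified to lowercase/trim.
LDIF = """\
dn: cn=staff,ou=namesGroups,dc=myorg,dc=com
objectClass: groupOfUniqueNames
uniqueMember: uid=charlie.root,ou=users,dc=myorg,dc=com

dn: cn=staff,ou=groups,dc=myorg,dc=com
objectClass: posixGroup
memberUid: charlie.root
"""
USER_DN = "uid=charlie.root,ou=users,dc=myorg,dc=com"

def norm(dn):
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Map normalized DN -> {lowercased attribute: [values]} (unwrapped LDIF only)."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            name, _, value = line.partition(":")
            attrs.setdefault(name.strip().lower(), []).append(value.strip())
        entries[norm(attrs["dn"][0])] = attrs
    return entries

def check(entries, base_dn, group_dn, username, user_dn=USER_DN,
          group_attrs=("member", "uniquemember"), attr_is_dn=True):
    """Return (allowed, reason) for one configuration."""
    # Step 1: the user search only returns entries at or below the base DN.
    u, b = norm(user_dn), norm(base_dn)
    if not (u == b or u.endswith("," + b)):
        return False, "user not under search base"
    # Step 2: compare the user's DN (or bare username) with the group attributes.
    entry = entries.get(norm(group_dn))
    if entry is None:
        return False, "group entry not found"
    for attr in group_attrs:
        for value in entry.get(attr.lower(), []):
            if attr_is_dn and norm(value) == norm(user_dn):
                return True, "matched " + attr
            if not attr_is_dn and value == username:
                return True, "matched " + attr
    return False, "no group attribute matched"

ENTRIES = parse_ldif(LDIF)
```

The model covers only these two steps; a configuration that passes here but is still rejected by the server has to be traced in the Apache error log and the slapd log.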