--On Monday, August 24, 2009 01:36:40 AM -0700 Michael March mmarch@gmail.com wrote:
Here is from my Apache error log:
[Mon Aug 24 03:56:55 2009] [warn] [client 5.5.5.5] [26803] auth_ldap authenticate: user bob authentication failed; URI / [ldap_simple_bind_s() to check user credentials failed][Invalid credentials] [Mon Aug 24 03:56:55 2009] [error] [client 5.5.5.5] user bob: authentication failure for "/": Password Mismatch
Well, I still don't get why you think this is an OpenLDAP problem. If the bind is failing it should be in the ldap log. But, it doesn't see like you have matched up the Apache log with the ldap log unless the clocks are your systems are off.
Bill
On Mon, Aug 24, 2009 at 1:29 AM, Howard Chu hyc@symas.com wrote:
Michael March wrote:
I'm using Centos / RHEL 5.2 using the stock LDAP.. I'm trying to get Apache to authenicate with my LDAP server... Using other client software I can bind as the user 'bob'.
Here is my Apache config:
Here is the error from from OpenLDAP:
In all of these log messages the result is consistently "err=0" which means Success. So, I don't see any error here, seems to be a problem with your Apache config.
Aug 24 03:57:06 localhost slapd[23856]: conn=2 fd=14 ACCEPT from
IP=192.168.150.5:59041 http://192.168.150.5:59041 (IP=0.0.0.0:389 http://0.0.0.0:389) Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=0 BIND dn="uid=root,ou=People,dc=acme,dc=com" method=128 Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=0 BIND dn="uid=root,ou=People,dc=acme,dc=com" mech=SIMPLE ssf=0 Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=0 RESULT tag=97 err=0 text= Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=1 SRCH base="ou=People,dc=acme,dc=com" scope=2 deref=3 filter="(&(objectClass=*)(uid=bob))" Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=2 BIND anonymous mech=implicit ssf=0 Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=2 BIND dn="uid=bob,ou=People,dc=acme,dc=com" method=128 Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=2 BIND dn="uid=bob,ou=People,dc=acme,dc=com" mech=SIMPLE ssf=0 Aug 24 03:57:06 localhost slapd[23856]: conn=2 op=2 RESULT tag=97 err=0 text= Aug 24 03:57:37 localhost slapd[23856]: conn=3 fd=17 ACCEPT from IP=192.168.150.5:59042 http://192.168.150.5:59042 (IP=0.0.0.0:389 http://0.0.0.0:389) Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=0 BIND dn="uid=root,ou=People,dc=acme,dc=com" method=128 Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=0 BIND dn="uid=root,ou=People,dc=acme,dc=com" mech=SIMPLE ssf=0 Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=0 RESULT tag=97 err=0 text= Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=1 SRCH base="ou=People,dc=acme,dc=com" scope=2 deref=3 filter="(&(objectClass=*)(uid=bmason))" Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text= Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=2 BIND anonymous mech=implicit ssf=0 Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=2 BIND dn="uid=bob,ou=People,dc=acme,dc=com" method=128 Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=2 BIND dn="uid=bob,ou=People,dc=acme,dc=com" mech=SIMPLE ssf=0 Aug 24 03:57:37 localhost slapd[23856]: conn=3 op=2 RESULT tag=97 err=0 text=