Hi,
Sorry if it is OP topic, forgive me!
I am implementing a web based service using PerlCGI + Apache +Ldap authentication.
I successfully implemented the service with PerlCGI with Apache and able to access the webpage, to allow the access for only authenticated users I am trying to integrate apache with ldap server.
<Directory "/home/xxxxx/apache2/cgi-bin">
AllowOverride None
Options +ExecCGI
AddHandler cgi-script .cgi .py .pl
order allow,deny
allow from all
AuthName "DOMAIN Active Directory"
AuthType Basic
AuthBasicProvider ldap
AuthLDAPURL "ldap://xxx.xx.xxx.xx:389/DC=DOMAIN,dc=com?sAMAccountN
+ame?sub?(objectClass=Person)"
AuthLDAPBindDN "CN=user_id,DC=DOMAIN,DC=com"
AuthLDAPBindPassword "XXXXXXXXXXXXXXXXXX"
Require valid-user
</Directory>
When I hit the url it prompts for username and password, but its not authenticating successfully.
In error.log I see below error,
[Sun Apr 12 17:06:25.112467 2020] [authnz_ldap:debug] [pid 26287:tid 2
+7] mod_authnz_ldap.c(522): [client xx.xx.xx.xx:53875] AH01691: auth_l
+dap authenticate: using URL ldap://xx.xx.xx.xx:389/DC=DOMAIN,dc=com?s
+AMAccountName?sub?(objectClass=Person)
[Sun Apr 12 17:06:25.593392 2020] [authnz_ldap:info] [pid 26287:tid 27
+] [client xx.xx.xx.xx:53875] AH01695: auth_ldap authenticate: user us
+er_id authentication failed; URI / [LDAP: ldap_simple_bind() failed][
+Invalid credentials]
[Sun Apr 12 17:06:25.593410 2020] [auth_basic:error] [pid 26287:tid 27
+] [client xx.xx.xx.xx:53875] AH01617: user user_id: authentication fa
+ilure for "/": Password Mismatch
It seems the authentication password is wrong, but I am using the same password with ldapsearch it successfully fetches the account details from the ldap server.
ldapsearch -H ldap://xx.xx.xx.xx:389 -x -D "DOMAIN\user_id" -W -b "dc=
+DOMAIN,dc=com" -s sub "(&(sAMAccountName=user_id)(objectClass=Person)
+)"
Could somebody help me out here. Thanks in advance.
All is well. I learn by answering your questions...
-
Are you posting in the right place? Check out Where do I post X? to know for sure.
-
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big>
<blockquote> <br /> <dd>
<dl> <dt> <em> <font>
<h1> <h2> <h3> <h4>
<h5> <h6> <hr /> <i>
<li> <nbsp> <ol> <p>
<small> <strike> <strong>
<sub> <sup> <table>
<td> <th> <tr> <tt>
<u> <ul>
-
Snippets of code should be wrapped in
<code> tags not
<pre> tags. In fact, <pre>
tags should generally be avoided. If they must
be used, extreme care should be
taken to ensure that their contents do not
have long lines (<70 chars), in order to prevent
horizontal scrolling (and possible janitor
intervention).
-
Want more info? How to link
or How to display code and escape characters
are good places to start.