[Freeipa-users] Re: mod_authz_ldap authentication against ipa
Ivan Levchenko
levchenko.i at gmail.com
Mon Oct 13 23:44:34 UTC 2008
On Tue, Oct 14, 2008 at 12:47 AM, Ivan Levchenko <levchenko.i at gmail.com> wrote:
> HI,
>
> I'm trying to setup apache authentication via mod_authz_ldap, but it
> i'm having some problems with it.
> i've setup apache as per
> http://directory.fedoraproject.org/wiki/Howto:Apache, changed the
> AuthzLDAPUserBase directive to
> cn=users,cn=accounts,dc=example,dc=com, but its not authenticating...
>
> after reading the docs for mod_authz_ldap, it says:
> The password is verified by binding to the directory as the user whose
> distinguished name was found in the previous step, with the password
> from the login dialog.
>
> I've tried to connect to the ldap server using a reguler user created
> via the web interface and i was not able to.
>
> am i doing something wrong, or is it not possible to authenticate
> against ldap and i should only use kerberos?
>
> thanks in advance.
> --
>
> Best Regards,
>
> Ivan Levchenko
> levchenko.i at gmail.com
>
another thing...
trying to use authentication when doing a regular ldapsearch:
ldapsearch -v -x -W -h master.example.com -D
"uid=ivan,cn=users,cn=accounts,dc=example,dc=com" -b
"cn=users,cn=accounts,dc=example,dc=com" uid=ivan
ldap_initialize( ldap://master.example.com )
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
... a bit lost why it isn't authenticating....
More information about the Freeipa-users
mailing list