Re: trusted mode and apache auth_ldap (106 Views)
Reply
Frequent Advisor
Chris Howard
Posts: 40
Registered: ‎02-15-1999
Message 1 of 2 (116 Views)

trusted mode and apache auth_ldap

 

I got a call from a user today that our apache auth_ldap link

into an external ldap server is no longer working.

 

I haven't rebooted the server.

 

The only thing I can think of that has changed in the last

few weeks is that we have enabled "trusted mode".

 

Would that interrupt auth_ldap traffic?  Where should I be looking?

 

 

Please use plain text.
Honored Contributor
Matti_Kurkela
Posts: 6,271
Registered: ‎12-02-2001
Message 2 of 2 (106 Views)

Re: trusted mode and apache auth_ldap

The authentication modules of Apache are all completely separate from HP-UX system authentication, so the change to trusted mode should not have had no effect whatsoever.

 

Start with the basics.

  • What does the Apache error log say when authentication is attempted?
  • Do you have network connectivity to the LDAP server? (ping, telnet to the server's LDAP/LDAPS port as appropriate)
  • If you're using LDAPS, did the server's SSL certificate change? (you could use "openssl s_client -connect ldap.server:636 </dev/null" to dump the SSL certificate the LDAP server is actually using in PEM encoded form, then save it to a file and run "openssl x509 -in certificate.txt -noout -text" to view it in human-readable form)
  • Does the LDAP server allow anonymous binds, or do you need to specify AuthLDAPBindDN and AuthLDAPBindPassword? If you have to specify them, can you verify that they are correct? (Can you use some other LDAP client to successfully query the LDAP server, either anonymously or using Apache's BindDN and password?)
MK
Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation