Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Example Apache file causes confusing behaviour with Active Directory #176

Open
firthmj opened this issue Dec 8, 2020 · 0 comments
Open

Example Apache file causes confusing behaviour with Active Directory #176

firthmj opened this issue Dec 8, 2020 · 0 comments

Comments

@firthmj
Copy link

firthmj commented Dec 8, 2020

When configuring a dns-ui install using the example Apache configuration file against an Active Directory LDAP server you get behaviour that is really confusing to a new user.

It triggers the issue described here:
https://stackoverflow.com/a/16530990/4523777

Which means that you just get a "500 server error", and nothing in any log file to say what is wrong. Enabling the LDAP debug described there showed that it was because the LDAP line doesn't work against active directory:

[Tue Dec 08 15:08:53.406766 2020] [authnz_ldap:info] [pid 25695:tid 140081561179904] [client A.B.C.D:PPPPP] AH01695: auth_ldap authenticate: user UUUUU authentication failed; URI / [ldap_search_ext_s() for user failed][Operations error]

Changing the AuthLDAPURL line from "ldaps://...?uid?sub?(objectClass=inetOrgPerson)" to "ldaps://...?samAccountName?sub?(objectClass=organizationalPerson)"

Allowed the authentication to succeed. Maybe worth adding a note to the Wiki page with the example?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@firthmj