logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Apache - LDAP - Internal Server Error
Author
flatcircle



Joined: 27 Jun 2006
Posts: 79

PostPosted: Thu 10 Sep '09 11:38    Post subject: Apache - LDAP - Internal Server Error Reply with quote

I setup my Apache to authorize users by using LDAP.

Everything is working great.
However, once a week I get an Internal Server Error.

Log file entry: [ldap_search_ext_s() for user failed][Operations Error]

Restarting the Apache service doens't help, I have to reboot the server. After that everything is working again.

Don't have a clue what could be causing this?
Any ideas folks?

Regards.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Thu 10 Sep '09 11:57    Post subject: Reply with quote

I have no clue. I use the alternative mod_sspi for Windows Domain user

Code:

<Directory "c:/httpd/html/secure">

Options All +MultiViews +ExecCGI -Indexes +Includes

AllowOverride None
Order allow,deny
Allow from all
# SSPI authentication
AuthName "Please Enter Your Username and Password"
AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
require valid-user
# or a NT-Securitygroup
# require group webusers
</Directory>


or it was

Code:

AuthType SSPI
SSPIAuth On
SSPIAuthoritative On
SSPIDomain DOMAINNAME
SSPIOfferBasic On


I'm note sure which is the right one. It has been a while Wink
Back to top
flatcircle



Joined: 27 Jun 2006
Posts: 79

PostPosted: Thu 10 Sep '09 13:09    Post subject: Reply with quote

Thank you for the advice. I'll check it out.

Is it possible to filter like with the LDAP module?
Example: Require ldap-filter &(mail=*@sub.domain.com)

(only allow users from a subdomain based on their email address)

Regards.
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Thu 10 Sep '09 16:13    Post subject: Reply with quote

FAIK there is not filter like that.
On the require of a group

Options I know

SSPIOmitDomain - set to 'on' if you want the usernames to have the domain prefix OMITTED, on = user, off = DOMAIN\\user
require valid-user # any valid user will do, useful for logging
# who accessed each file, for example
require user DOMAIN\Username # require a specific user
require group DOMAIN\Groupname # require a group member
require user "NT DOMAIN\User name" # require a user with spaces in logon id
Back to top


Reply to topic   Topic: Apache - LDAP - Internal Server Error View previous topic :: View next topic
Post new topic   Forum Index -> Apache