TransWikia.com

Internal Error 500 appear when use apache 2.4 with LDAP Authetication

Server Fault Asked by Leo Lau on January 18, 2021

I have an CentOS 7 server with SVN server configured and I have another windows server 2012R2 with LDAP, that I use for domain controller. I can use ldapsearch communicate with windows server.

Well my problem now is that When I try to login into svn server via browser, It comes up a Internal Error (500) no matter what I entered.

here is my ldap configuration in /etc/httpd/conf.moudules.d/10-subversion.conf:

Alias /svn /var/www
<Location />
DAV svn
SVNParentPath /var/www
AuthType Basic
LDAPReferrals Off
AuthBasicAuthoritative on
AuthBasicProvider ldap
AuthName "SVN Server Login"
AuthLDAPURL ldap://172.20.2.3:389/,dc=syd,dc=domain,dc=com?sAMAccountName?sub?(ObjectClass=*) NONE
AuthLDAPBindDN sydadmin
AuthLDAPBindPassword adminpassword
Require valid-user
</Location>

and I’ve got the error message like:

[Thu May 12 09:55:02.382284 2016] [authnz_ldap:info] [pid 9720] [client 172.19.12.2:61673] AH01695: auth_ldap authenticate: user a.b1 authentication failed; URI /repo [ldap_search_ext_s() for user failed][Invalid DN syntax]

Any help will be appreciate.
Thanks.

One Answer

the base in your AuthLDAPURL looks wrong, it has a comma right after the the port/slash:

AuthLDAPURL ldap://172.20.2.3:389/,dc=syd,dc=domain,dc=com?sAMAccountName?sub?(ObjectClass=*) NONE

Try instead:

AuthLDAPURL ldap://172.20.2.3:389/dc=syd,dc=domain,dc=com?sAMAccountName?sub?(ObjectClass=*) NONE

But really, just get the config from the apache documentation

AuthLDAPBindDN [email protected]
AuthLDAPBindPassword password
AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub

You can use samaccountname instead of userPrincipalName if prefer that your users login with just ther login name instead of the upn.

Answered by natxo asenjo on January 18, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP