HPE Community
Operating System - HP-UX
1752579 Members
4611 Online
108788 Solutions
New Discussion

Re: trusted mode and apache auth_ldap

 
Chris Howard
Frequent Advisor

‎02-24-2012 03:24 PM

‎02-24-2012 03:24 PM

trusted mode and apache auth_ldap

 

I got a call from a user today that our apache auth_ldap link

into an external ldap server is no longer working.

 

I haven't rebooted the server.

 

The only thing I can think of that has changed in the last

few weeks is that we have enabled "trusted mode".

 

Would that interrupt auth_ldap traffic?  Where should I be looking?

 

 

0 Kudos
Reply
1 REPLY 1
Matti_Kurkela
Honored Contributor

‎02-25-2012 02:03 AM

‎02-25-2012 02:03 AM

Re: trusted mode and apache auth_ldap

The authentication modules of Apache are all completely separate from HP-UX system authentication, so the change to trusted mode should not have had no effect whatsoever.

 

Start with the basics.

  • What does the Apache error log say when authentication is attempted?
  • Do you have network connectivity to the LDAP server? (ping, telnet to the server's LDAP/LDAPS port as appropriate)
  • If you're using LDAPS, did the server's SSL certificate change? (you could use "openssl s_client -connect ldap.server:636 </dev/null" to dump the SSL certificate the LDAP server is actually using in PEM encoded form, then save it to a file and run "openssl x509 -in certificate.txt -noout -text" to view it in human-readable form)
  • Does the LDAP server allow anonymous binds, or do you need to specify AuthLDAPBindDN and AuthLDAPBindPassword? If you have to specify them, can you verify that they are correct? (Can you use some other LDAP client to successfully query the LDAP server, either anonymously or using Apache's BindDN and password?)
MK
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.