System Administration
Showing results for 
Search instead for 
Did you mean: 

trusted mode and apache auth_ldap

Chris Howard
Frequent Advisor

trusted mode and apache auth_ldap


I got a call from a user today that our apache auth_ldap link

into an external ldap server is no longer working.


I haven't rebooted the server.


The only thing I can think of that has changed in the last

few weeks is that we have enabled "trusted mode".


Would that interrupt auth_ldap traffic?  Where should I be looking?



Honored Contributor

Re: trusted mode and apache auth_ldap

The authentication modules of Apache are all completely separate from HP-UX system authentication, so the change to trusted mode should not have had no effect whatsoever.


Start with the basics.

  • What does the Apache error log say when authentication is attempted?
  • Do you have network connectivity to the LDAP server? (ping, telnet to the server's LDAP/LDAPS port as appropriate)
  • If you're using LDAPS, did the server's SSL certificate change? (you could use "openssl s_client -connect ldap.server:636 </dev/null" to dump the SSL certificate the LDAP server is actually using in PEM encoded form, then save it to a file and run "openssl x509 -in certificate.txt -noout -text" to view it in human-readable form)
  • Does the LDAP server allow anonymous binds, or do you need to specify AuthLDAPBindDN and AuthLDAPBindPassword? If you have to specify them, can you verify that they are correct? (Can you use some other LDAP client to successfully query the LDAP server, either anonymously or using Apache's BindDN and password?)