Re: [users@httpd]Login difficulty after integration of httpd with LDAP

2016-07-05 Thread Roger Paanini
Eric, I just found the problem: there is a typo in ldap URL: sAMAccountName has an i at the end. After I removed it, it is working fine. AuthLDAPURL "ldaps://my.com:636/DC=my,DC=com?sAMAccountName*i*?sub?( objectclass=user) "

Re: [users@httpd]Login difficulty after integration of httpd with LDAP

2016-07-05 Thread Eric Covener
On Tue, Jul 5, 2016 at 2:32 PM, Roger Paanini wrote: > I have redacted the response to protect confidential info. Do you need the > full response? I don't think so. Could you capture both searches in wireshark and see how they differ at a low level? Something might stand out side-by-side. -- E

Re: [users@httpd]Login difficulty after integration of httpd with LDAP

2016-07-05 Thread Roger Paanini
Eric, this command works perfectly fine: ldapsearch -x -h my.com -D "CN=ldap,OU=acct,DC=my,DC=com" -w * -b "dc=my,dc=com" -s sub "(&(sAMAccountName=testuser)(objectClass=user))" I have redacted the response to protect confidential info. Do you need the full response? Thanks! On Tue, Jul 5,

Re: [users@httpd]Login difficulty after integration of httpd with LDAP

2016-07-05 Thread Eric Covener
On Tue, Jul 5, 2016 at 11:56 AM, Mike Rumph wrote: > [Tue Jul 05 09:23:50.587187 2016] [authnz_ldap:info] [pid 35839:tid > 139644016523008] [client 10.204.1.1:51637] AH01695: auth_ldap authenticate: > user testuser authentication failed; URI /ui [User not found][No such > object] Can you show a

Re: [users@httpd]Login difficulty after integration of httpd with LDAP

2016-07-05 Thread Mike Rumph
Adding a subject for easier tracking On 7/5/2016 8:36 AM, Roger Paanini wrote: Hi Folks, I am trying to integrate httpd with LDAP (Active Directory) but I am running into some trouble: Every time I try to login, here is what I see: Tue Jul 05 09:23:50.471191 2016] [ssl:info] [pid 35839:tid