Re: [users@httpd] Novell and mod_ldap - User is not unique (search found two or more matches)

Thu, 21 Dec 2006 06:38:57 -0800 

On Do, 2006-12-21 at 12:33 -0300, Fábio Coelho wrote:
> Hi dears
> 
> My Name is Fábio Coelho, I'am a brazilian Linux admin.
> 
> I'm trying to configure Apache to authenticate anonymously against
> Novell Ldap, and I did a ldapsearch from the console, with the filter:
> 
> &(cn=qlx)(objectClass=Person)
> 
> that returns the following text:
> 
> administrativo:/opt/personalizados # ldapsearch -h ldap.jfsc.gov.br -x
> -b o=jfsc -s sub '(&(cn=qlx)(objectClass=Person))' objectClass
> # extended LDIF
> #
> # LDAPv3
> # base <o=jfsc> with scope subtree
> # filter: (&(cn=qlx)(objectClass=Person))
> # requesting: objectClass
> #
> 
> # QLX, NINF, FLP, JFSC
> dn: cn=QLX,ou=NINF,ou=FLP,o=JFSC
> objectClass: inetOrgPerson
> objectClass: organizationalPerson
> objectClass: Person
> objectClass: ndsLoginProperties
> objectClass: Top
> objectClass: qmailUser
> 
> # search result
> search: 2
> result: 0 Success
> 
> # numResponses: 2
> # numEntries: 1
> 
> 
> 
> 
> 
> One entrie, but for apache are two, using the same filter:
> 
> 
> 
> 
>     <Directory "/srv/www/newdesenv/htdocs/">
>         AuthName "Autenticacao LDAP"
>         AuthType Basic
>         AuthBasicProvider ldap
>         AuthLDAPRemoteUserIsDN on
>         AuthLDAPURL   ldap://ldap.jfsc.gov.br/  \
>                       o=JFSC?cn?sub?(objectClass=Person)
>         Require valid-user
>         Options Indexes FollowSymLinks
>         AllowOverride None
>         Order allow,deny
>         Allow from all
>     </Directory>
> 
> result in the error
> 
> [Mon Dec 18 12:52:54 2006] [warn] [client 10.5.3.92] [7194] auth_ldap
> authenticate: user qlx authentication failed; URI /info.php [User is not
> unique (search found two or more matches)][No such object]
> 
> It is a bug or a characteristic? How can i circunvent this?
> 
> Thank you for the atention
> 
> Fábio Coelho
> 
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
>    "   from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to