Authentication Ldap身份验证-始终返回无效凭据
我在centos上的ldap配置有问题。我必须设置ldap配置,允许特定用户通过web访问目录。 我已经研究了关于这个话题的其他问题和答案,但没有找到解决方案 这是我的ldap配置:Authentication Ldap身份验证-始终返回无效凭据,authentication,ldap,Authentication,Ldap,我在centos上的ldap配置有问题。我必须设置ldap配置,允许特定用户通过web访问目录。 我已经研究了关于这个话题的其他问题和答案,但没有找到解决方案 这是我的ldap配置: LDAPVerifyServerCert Off <Location "/users"> AuthType Basic AuthName "Authentication required" AuthBasicProvider ldap AuthLDAPURL ldaps://hosta/ou=
LDAPVerifyServerCert Off
<Location "/users">
AuthType Basic
AuthName "Authentication required"
AuthBasicProvider ldap
AuthLDAPURL ldaps://hosta/ou=People,dc=lab,dc=local?uid
AuthLDAPBindDN uid=ApacheUser,ou=ServiceUser,dc=lab,dc=local
AuthLDAPBindPassword {SSHA}KS9kGBfWdnC8NrXmFEOxzaYDNZbD2BNj
Require valid-user
</Location>
但使用的凭证绝对正确
通过ldapsearch,我收到joe的以下结果:
ldapsearch-Hldaps://hosta -D uid=ApacheUser,ou=ServiceUser,dc=lab,dc=local-b uid=joe,ou=People,dc=lab,dc=local-W
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <uid=joe,ou=People,dc=lab,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# joe, People, lab.local dn: uid=joe,ou=People,dc=lab,dc=local objectClass: person objectClass: inetOrgPerson objectClass:
organizationalPerson objectClass: posixAccount cn: Joe Everyman
uidNumber: 1010 gidNumber: 99 homeDirectory: /home/joe loginShell:
/bin/bash sn: Everyman givenName: Joe uid: joe userPassword::
e1NTSEF9S1M5a0dCZldkbkM4TnJYbUZFT3h6YVlETlpiRDJCTmo=
# search result search: 2 result: 0 Success
# numResponses: 2
# numEntries: 1
我希望你能给我一个提示,我的配置有什么问题
溴
Michael您是否尝试过使用普通格式的AuthLDAPBindPassword值进行配置?我还见过其他一些实例,其中有人评论说在LDAP绑定期间使用散列值不起作用。Thx!这就是解决办法!您可以尝试向AuthLDAPURL添加引号
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <uid=joe,ou=People,dc=lab,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# joe, People, lab.local dn: uid=joe,ou=People,dc=lab,dc=local objectClass: person objectClass: inetOrgPerson objectClass:
organizationalPerson objectClass: posixAccount cn: Joe Everyman
uidNumber: 1010 gidNumber: 99 homeDirectory: /home/joe loginShell:
/bin/bash sn: Everyman givenName: Joe uid: joe userPassword::
e1NTSEF9S1M5a0dCZldkbkM4TnJYbUZFT3h6YVlETlpiRDJCTmo=
# search result search: 2 result: 0 Success
# numResponses: 2
# numEntries: 1