Apache LDAP Authentication

Latest response

OK, I've searched all day and followed every guide I can and I'm still not getting anywhere with this.

I'm running:
RHEL 7.4
httpd 2.4.6-67
mod_ldap 2.4.6-67

and no matter what I put in the config for ldap I get the same error:
AH00526: Syntax error on line 8 of /etc/httpd/conf.modules.f/ldap.conf:
Unknown Authn provider: ldap

the offending config file is here:

SetHandler ldap-status
Require host internal.domain

Satisfy any
AuthType Basic
AuthName "LDAP/AD Authentication"
AuthBasicProvider ldap
AuthLDAPURL "ldap://hostname/dc=internal,dc=domain?uid?one"
Require valid-user

I've tried in the vhost config and in the above ldap config and get the same error.

Against better judgement I also disabled selinux (setenforce 0) but to no avail.

Any thoughts anybody?

Andy

Responses

Did you check https://stackoverflow.com/questions/26476853/apache-2-4-and-ldap?

"Do you have LoadModule authnz_ldap_module modules/mod_authnz_ldap.so and LoadModule ldap_module modules/mod_ldap.so?"

Hi Siem,

It's my understanding that mod_authnz_ldap has been rolled up into mod_ldap now. I can find no reference to it on my Satellite 6.2 server in any channel. Having said that I do have mod_ldap.so and mod_authnz_ldap.so do exist in /etc/httpd/modules

Andy

Hi Siem,

Fixed it!!

So the modules were installed but the ldap.load in /etc/conf.modules.d only referenced the mod_ldap.so and not "LoadModule authnz_ldap_module modules/mod_authnz_ldap.so".

Thanks for pointing me in the right direction.

Andy

Hello Andy,

In my Satellite looking for the mod_ldap rpm it shows the following repository name for RHEL 7:

repo

  • Red Hat Enterprise Linux 7 Server - Optional RPMs x86_64 7Server

product

  • Red Hat Enterprise Linux Server

repo-id

  • rhel-7-server-optional-rpms

Regards,

Jan Gerrit

Hi Jan, Yep, I have mod_ldap installed, it was the reference to mod_authnz_ldap that I don't have. Andy

Hi Andy,

I see Siem and you fixed the issue. So I stop quering my Satellite. Success.

Some of my colleagues want to apply the same technique. Could you share the config lines that you added to get it to work?

Regards,

Jan Gerrit

Hi Jan,

I simply added: LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

to /etc/httpd/conf.modules.d/ldap.load

Hope that works for you too.

Andy

Hi Friends, I have did zip based installation of am facing issue Redhat jbcs-httpd24-2.4.37 on RHEL 8, but it is working on RHEL 7.x

Facing below issue on RHEL 8 Cannot load modules/mod_ldap.so into server: /opt/apache/jbcs-httpd24-2.4/httpd/lib/libcrypto.so.1.1: version `OPENSSL_1_1_1b' not found (required by /lib64/libk5crypto.so.3)

Can anyone please help and share any workaround for it.

Thanks, Rajveer Singh