[Samba] Authenticating Apache Against Active Directory

James lingpanda101 at gmail.com
Mon May 11 10:43:13 MDT 2015 

On 5/11/2015 11:42 AM, John Yocum wrote:
> On 05/11/2015 08:24 AM, James wrote:
>> Hello,
>>
>>     Using Nagios on Ubuntu 14.04.1 LTS. I'm attempting to authenticate
>> users against Samba 4.2.1. When I edit 'apache2.conf' with
>>
>>
>> <Directory />
>>         Options FollowSymLinks
>>         AllowOverride None
>>         Require all granted
>>         Allow from all
>>         AuthName "AD authentication"
>>         AuthBasicProvider ldap
>>         AuthType Basic
>>         AuthLDAPGroupAttribute member
>>         AuthLDAPGroupAttributeIsDN On
>>         AuthLDAPURL
>> ldap://dc1.domain.local/172.16.232.29:389/cn=Users,dc=domain?sAMAccountName?sub?(objectClass=*)
>>         AuthLDAPBindDN cn=apache-connect,cn=Users,domain
>>         AuthLDAPBindPassword password
>>         require ldap-group cn=Nagios-Admins,cn=Users,domain
>>
>>
>> and attempt to restart Apache. I get the following.
>>
>> root at nagios:~# service apache2 restart
>>  * Restarting web server
>> apache2                                                                                                             
>> [fail]
>>  * The apache2 configtest failed.
>> Output of config test was:
>> AH00526: Syntax error on line 159 of /etc/apache2/apache2.conf:
>> Unknown Authn provider: ldap
>> Action 'configtest' failed.
>> The Apache error log may have more information.
>>
>> I'm not seeing anything of help in the Apache logs. 
>>
> Have you enabled the Apache LDAP module with "a2enmod authnz_ldap"?
>
>
I'm receiving this in my apache logs

[Mon May 11 12:38:26.033264 2015] [auth_basic:error] [pid 1195] [client
172.16.232.30:41027] AH01617: user username: authentication failure for
"/nagios/": Password Mismatch

In my Samba logs with a log level of 3 I get

[2015/05/11 12:38:26.776323,  3, pid=1157, effective(0, 0), real(0, 0)]
../lib/ldb-samba/ldb_wrap.c:321(ldb_wrap_connect)
  ldb_wrap open of secrets.ldb
[2015/05/11 12:38:26.794712,  3, pid=1157, effective(0, 0), real(0, 0)]
../source4/smbd/service_stream.c:66(stream_terminate_connection)
  Terminating connection - 'ldapsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
[2015/05/11 12:38:26.794764,  3, pid=1157, effective(0, 0), real(0, 0)]
../source4/smbd/process_single.c:114(single_terminate)
  single_terminate: reason[ldapsrv_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED]

I know the password is correct. Any ideas? Thanks.

-- 
-James

More information about the samba mailing list