Nginx + ldap auth

Danila nginx-forum at forum.nginx.org
Mon Aug 12 08:44:46 UTC 2019


Hello, I have nginx 1.16.0 and some modules: nginx-auth-ldap,
nginx-dav-ext-module, headers-more-nginx-module, nginx-upload-module.

I am trying to do LDAP auth on some directory.

Config:

http {

####Block_integration_with_ldap ##############
ldap_server mydomain{
        url "ldap://mydomain:3268/DC=mydimain,DC=local?sAMAccountName?sub?(objectClass=person)";
        binddn 'admin at mydomain.local';
        binddn_passwd 'adm_pass';
        require valid_user;
        }
ldap_server mydomain2{
        url "ldap://mydomain:3268/DC=mydimain,DC=local?sAMAccountName?sub?(objectClass=person)";
        require user "CN=test,DC=MYDOMAIN,DC=LOCAL";
        group_attribute uniquemember;
        group_attribute_is_dn on;
        referral on;
        }
############Block log ########################
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
##############Block gzip settings########################
    gzip                        on;
    gzip_comp_level             2;
    gzip_vary                   on;
    gzip_min_length             1;
    gzip_proxied                any;
    gzip_types                  text/plain
                                text/css
                                application/x-javascript
                                text/xml
                                application/xml
                                application/xml+rss
                                text/javascript
                                application/javascript
                                application/json;
##########################################################
    sendfile                    on;
    tcp_nopush                  on;
    charset                     utf-8;
    keepalive_timeout           65;
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    include /etc/nginx/conf.d/*.conf;
}


With the first auth, "mydomain", on location /, everything is OK.
But with the second auth, "mydomain2", on location /user, it asks for a login
and password but does not work.

Log:
http_auth_ldap: Initial bind failed (49: Invalid credentials [80090308:
LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e,
v1db1])

"49: Invalid credentials" indicates an incorrect password, but I am sure that
the password is correct.

Has anyone had such problems?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,285191,285191#msg-285191
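
Added example, not part of the original post and not nginx-auth-ldap code: a small Python triage helper that pulls the LDAP result code and the Active Directory "data" sub-code out of log lines shaped like the one quoted above. The function name, the regular expressions and the second sample line are assumptions made for this illustration; the sub-code table lists the commonly documented Win32 logon errors that AD returns in hex.

```python
import re

# Win32 logon errors that Active Directory reports (in hex) after "data".
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "logon failure: user name or password rejected",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}
# Shape of the http_auth_ldap failure line quoted in the post.
BIND_FAILURE = re.compile(
    r"http_auth_ldap: (?P<stage>[\w ]+?) failed \("
    r"(?P<code>\d+): (?P<text>[^\[]+?) \[(?P<diag>.*?)\]\)")
AD_DATA = re.compile(r"\bdata ([0-9a-fA-F]+)\b")

def decode_bind_failures(log_text):
    """Return one dict per http_auth_ldap bind failure found in log_text."""
    # Mail clients and terminals wrap long lines, so collapse whitespace first.
    flat = " ".join(log_text.split())
    results = []
    for m in BIND_FAILURE.finditer(flat):
        sub = AD_DATA.search(m["diag"])
        subcode = int(sub.group(1), 16) if sub else None
        results.append({
            "stage": m["stage"],              # which bind failed
            "ldap_result": int(m["code"]),    # 49 = invalidCredentials
            "ldap_text": m["text"],
            "ad_subcode": subcode,            # None if the server is not AD
            "meaning": AD_BIND_SUBCODES.get(subcode, "no known AD sub-code"),
        })
    return results

# First entry: the wrapped line from the post. Second entry: constructed
# for this example by changing only the sub-code.
SAMPLE = """http_auth_ldap: Initial bind failed (49: Invalid credentials [80090308:
LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e,
v1db1])
http_auth_ldap: Initial bind failed (49: Invalid credentials [80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 775, v1db1])
"""

if __name__ == "__main__":
    for failure in decode_bind_failures(SAMPLE):
        print(failure)
```

The "stage" field matters for triage: a failure reported for the initial bind comes from the first bind the module performs for that ldap_server block, so the directives of that block are the place to look.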


