Nginx + ldap auth

Francis Daly francis at
Tue Aug 13 21:50:15 UTC 2019

On Mon, Aug 12, 2019 at 04:44:46AM -0400, Danila wrote:

Hi there,

> Hello i have nginx 1.16.0 and some modules: nginx-auth-ldap,
> nginx-dav-ext-module, headers-more-nginx-module, nginx-upload-module.

> ldap_server mydomain{
>         url
> "ldap://mydomain:3268/DC=mydimain,DC=local?sAMAccountName?sub?(objectClass=person)";
>         binddn 'admin at mydomain.local';
>         binddn_passwd 'adm_pass';
>         require valid_user;
>         }

You report that that one works. Note that it does have a binddn and
a binddn_passwd.

> ldap_server mydomain2{
>         url
> "ldap://mydomain:3268/DC=mydimain,DC=local?sAMAccountName?sub?(objectClass=person)";
>         require user "CN=test,DC=MYDOMAIN,DC=LOCAL";
>         group_attribute uniquemember;
>         group_attribute_is_dn on;
>         referral on;
>         }

You report that that one fails on the initial bind. It has no binddn
and no binddn_passwd.

If you copy the matching lines from the other block to here, does that
make a difference?

(Or: if you remove the bind* lines from the first block, does that one
stay working?)

Note that nginx-auth-ldap is not in stock-nginx; possibly the
documentation for whatever module you are using will have more

Good luck with it,

Francis Daly        francis at

More information about the nginx mailing list