Apache 2.4 with multiple LDAP providers fails to authenticate

Question

Running into a strange problem.

I have an apache site with (single) LDAP authentication that runs fine.

However, I need to add a second ldap server to it, so I'm using AuthnProviderAlias for that, and now it keeps on reporting that the user cannot be found, even though the authentication information is exactly the same.

So this works:

<Location />
   AuthFormProvider ldap
   AuthName "Windows user authentication"
   AuthLDAPBindDN CN=<cn>,OU=<ou>,DC=<dc>,DC=<dc>,DC=<dc>
   AuthLDAPBindPassword <password>
   AuthLDAPURL ldap://<ip>/dc=<dc>,dc=<dc>,DC=<dc>?sAMAccountName?sub?(objectClass=*)
...

However moving exact the same information to an alias results in that dreaded 'user not found' error.

<AuthnProviderAlias ldap ldap-alias>
   AuthLDAPBindDN CN=<cn>,OU=<ou>,DC=<dc>,DC=<dc>,DC=<dc>
   AuthLDAPBindPassword <password>
   AuthLDAPURL ldap://<ip>/dc=<dc>,dc=<dc>,DC=<dc>?sAMAccountName?sub?(objectClass=*)
</AuthnProviderAlias>

...
<Location />
   AuthFormProvider ldap-alias
   AuthName "Windows user authentication"
...

I must be overseeing something very simple but fail to spot it.

Thanks a lot for your help.

Btw, running Apache 2.4.7 on Ubuntu 14.03.

I've not used AuthFormProvider before so it may be different... but have you tried using AuthBasicProvider instead? — BeepBeep, Mar 27 '15 at 18:01
No, haven't tried it. Could give it a shot but only for troubleshooting purposes as I need to stick with forms based authentication. — Jan Klaassen, Mar 29 '15 at 11:39

Apache 2.4 with multiple LDAP providers fails to authenticate

0 Answers0