将旧版用户查找转换为 Apache 2.4

将旧版用户查找转换为 Apache 2.4

我正在尝试将 LDAP 身份验证查找配置从旧安装移植到 Apache 2.4。我对 LDAP 不太了解。
当我运行 configtest 时,我得到的只是错误消息:
AH00526:/file_path/ldapdir.conf 第 130 行语法错误:
解析时 LDAP URL 错误。
这是 AuthLDAPURL 末尾的行号
那条线有什么问题?

<Directory "/usr/local/www/docs/it/snaps">
        Options -Indexes +FollowSymLinks +ExecCGI +Includes
        # Was
        # Order deny,allow
        # Deny from All
        Require all denied
        AuthName "Enter Your Netid and Password"
        AuthType basic
        AuthBasicProvider ldap
        # Known obsolete directive
        # AuthzLDAPAuthoritative off
        AuthLDAPBindDN "cn=sanitycheck, ou=Service, dc=example, dc=com"
        AuthLDAPBindPassword "xxxxxxx"

        AuthLDAPURL     "ldaps://server1.example.com:1636\
                         ldaps://server2.example.com:1636\
                         ldaps://server3.example.com:1636\
                         ldaps://server4.example.com:1636/dc=example,dc=com?uid?sub?(objectClass=*)" TLS

        Require valid-user
        Satisfy any
</Directory>

答案1

尝试在每一行(第一行除外)中不使用 ldaps://:

AuthLDAPURL "ldaps://server1.example.com:1636 server2.example.com:1636 server3.example.com:1636 server4.example.com:1636/dc=example,dc=com?uid?sub?(objectClass=*)" TLS

如文档中所述:https://httpd.apache.org/docs/2.4/en/mod/mod_authnz_ldap.html#authldapurl

之后您可以使用 baskslashes 来测试它是否有效。

相关内容