我正在尝试将 LDAP 身份验证查找配置从旧安装移植到 Apache 2.4。我对 LDAP 不太了解。
当我运行 configtest 时,我得到的只是错误消息:
AH00526:/file_path/ldapdir.conf 第 130 行语法错误:
解析时 LDAP URL 错误。
这是 AuthLDAPURL 末尾的行号
那条线有什么问题?
<Directory "/usr/local/www/docs/it/snaps">
Options -Indexes +FollowSymLinks +ExecCGI +Includes
# Was
# Order deny,allow
# Deny from All
Require all denied
AuthName "Enter Your Netid and Password"
AuthType basic
AuthBasicProvider ldap
# Known obsolete directive
# AuthzLDAPAuthoritative off
AuthLDAPBindDN "cn=sanitycheck, ou=Service, dc=example, dc=com"
AuthLDAPBindPassword "xxxxxxx"
AuthLDAPURL "ldaps://server1.example.com:1636\
ldaps://server2.example.com:1636\
ldaps://server3.example.com:1636\
ldaps://server4.example.com:1636/dc=example,dc=com?uid?sub?(objectClass=*)" TLS
Require valid-user
Satisfy any
</Directory>
答案1
尝试在每一行(第一行除外)中不使用 ldaps://:
AuthLDAPURL "ldaps://server1.example.com:1636 server2.example.com:1636 server3.example.com:1636 server4.example.com:1636/dc=example,dc=com?uid?sub?(objectClass=*)" TLS
如文档中所述:https://httpd.apache.org/docs/2.4/en/mod/mod_authnz_ldap.html#authldapurl
之后您可以使用 baskslashes 来测试它是否有效。