Invalid command 'AuthzLDAPAuthoritative'

apache-2.2

Spec : Apache 2.24 O/s : Suse /RedHat /Windows

Windows : Apache httpd Linux : Apache DS (LDAP )

Task of Implementing Apache Httpd + LDAP + SSO (mod_session.so)

Getting error as stated below

"Invalid command 'AuthzLDAPAuthoritative', perhaps misspelled or defined by a module not included in the server configuration"

The setup was working in apache Httpd 2.22 + LDAP - SSO,hence as per docs,mod_session is suppose to work with apache 2.24 ..... :(

Does some body have any solutions

with regards karthik


You should read this: http://httpd.apache.org/docs/2.4/upgrading.html#run-time

That directive was removed after 2.4;


Not sure if it is the same problem, because i switched to 2.4 not 2.2.24. Everything worked fine with httpd 2.2.22 and stoped working with 2.4.4.

I'm loading the necessary modules in my httpd.conf:

LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so

My Ldap Conf looks as following:

<Location />
       AuthType Basic
       AuthName "LDAP Authentication"
       AuthBasicProvider ldap file
       AuthzLDAPAuthoritative off
       AuthLDAPURL "URL"
       AuthLDAPBindDN "BindDN"
       AuthLDAPBindPassword "BindPassword"
       Require valid-user 
       Order allow,deny
       Allow from all
</Location>

The Error message says:

/opt/httpd/dev/bin/apachectl -f /opt/httpd/UAT/conf/httpd.conf -k start
AH00526: Syntax error on line 60 of /opt/httpd/UAT/conf/vhosts/_hobbit.conf:
Invalid command 'AuthzLDAPAuthoritative', perhaps misspelled or defined by a module not included in the server configuration
make: *** [start] Error 1

I found the same error in a Mailing List: Link to Mailinglist
It looks like he found a solution: Link to Solution

Im already compiling as he said, using my own apr/apr-util and all ldap flags (--with-ldap, --enable-ldap, ...) but i still can't get it to work.

Maybe someone can figure something out?

EDIT / SOLUTION: Okay.. Deleting "AuthzLDAPAuthoritative off" from my Virtual Host Config worked. Looks like this setting was removed with 2.4.

Settings exist in 2.2 mod_authnz_ldap Documentation and doesnt exist in 2.4 mod_authnz_ldap Documentation. (Can't post Links because of lack of reputation)

Dunno if its okay for you to just delete it from your config, but i think it should work afterwards.


Looks like you haven't loaded the authnz_ldap_module:

LoadModule authnz_ldap_module modules/mod_authnz_ldap.so

AuthLDAPBindAuthoritative off

instead of

AuthzLDAPAuthoritative off (drop the 'z' and add Bind)

This helped me when working with apache 2.4 The 2.2 documentation said to use AuthzLDAPAuthoritative but the 2.4 documentation said to use AuthLDAPBindAuthoritative. Plus most examples around the web still use it with the 'z'. I'm not sure which version changed in.

Hope this helps.

Related

How to keep the time on multiple servers in sync
What is the recommended temperature range for a hard drive?
Can Windows Web Server 2008 act as VPN server?
How to force SSL (https) on Apache Location
Which Linux-Virtualization to choose for Server?
Notepad/Edit equivalent for Linux command line [closed]
Tape vs SSDs backups regarding long-term storage reliability
Is the community MySQL safe for production use?
How to Minimize Linux Server Reboots
grep to display folders which contain files which contain a string
Where are credentials for SQL Management Studio saved?
s3cmd fails too many times