apache mod_authnz_ldap - 500 error when blank username used

apache-2.4 windows-server-2012 ldap mod-auth-ldap

I've got Apache 2.4 running on Windows Server 2012.

I've got mod_authnz_ldap working except if users put a blank username. This results in a 500 internal server error.

this is the entry in httpd.conf for the "staff" area...

<Location "/staff">
    AuthType Basic
    AuthName "Staff Area"
    LDAPReferrals Off
    AuthBasicProvider ldap
    AuthUserFile /dev/null
    AuthLDAPBindDN [email protected]
    AuthLDAPBindPassword MyPassword
    AuthLDAPURL "ldap://server-dc1:389/ou=DomainUsers,dc=school,dc=com,dc=au?sAMAccountName?sub"
    Require ldap-group cn=staff,ou=staff,ou=DomainUsers,dc=school,dc=com,dc=au
</Location>

Anything obvious that I'm missing? Does anyone else use mod_authnz_ldap? Does your server not like blank usernames?


I just had to add...

AuthLDAPBindAuthoritative off

I'm not 100% sure why this is. Perhaps something to do with mod_authnz_ldap passing the auth on to somewhere else? but it works.

Hope this helps someone.

Related

Overriding Nagios hostgroup service with host service
Nagios not following redirect with check_http
Why is conntrackd not replicating state?
migrating puppet clients to a new puppet master (old puppet master server gone, only using backup)
MySQL: how to enable Slow Query Log?
How do I remove an orphaned Exchange 2010 server from the organization?
Using rsync to rename files during copying with --files-from?
How to send an "Everything is OK" notification from Nagios?
Deleting a Key Pair for AWS EC2 Instance with EBS
Request multiple IP-addresses via DHCP on a single physical interface (OpenBSD)
Policy based routing
Workaround SpamAssassin Y2K10 Bug (Mac OS X Server)