On 2005-03-16 12:07:47 -0500, Brian Fohl wrote:
> Thanks for the advice, Dominic. I am loading mod_authz_svn, but I
> have "SVNPathAuthz off" in my Location tag, so I don't know if that
> matters. Here's the error I'm getting in the log:
> [Wed Mar 16 11:46:47 2005] [warn] [client 10.0.0.144]  auth_ldap
> authenticate: user firstname.lastname authentication failed; URI
> /svn/repo/!svn/act/5fb8bcac-3621-e84f-910d-ed334639c888 [LDAP:
> ldap_simple_bind_s() failed][Unavailable]
Well, the man page for ldap_error has this in it:
LDAP_UNAVAILABLE The DSA is unavailable.
Not exactly helpful. DSA is directory server agent, which I guess is
is the AD server in this case.
I poked around a little bit and it seems like this error can be related
to the ldap client being unable to negotiate an authentication protocol
with the server. Did you compile mod_ldap with SSL enabled? I think I
read somewhere that by default AD only accepts encrypted requests.
The only other thing I can think of is maybe there is something wrong
with your AuthLDAP parameters? I can post what worked for me tomorrow
if you'd like.
Again, don't take any of this as gospel, I just setup my configuration
using an Apache/AD/LDAP recipe I found online.
I've been told that to get what you want
You just gotta give what you can.
But I know for what I want -- it don't come easy as that.
Received on Thu Mar 17 05:31:43 2005
- application/pgp-signature attachment: stored