CentOS – Apache 2.4 with LDAP Authentication


We configured Apache to use LDAP authentication:

    AuthBasicProvider ldap
    AuthLDAPURL "ldap://dc1.domain.local:3268 dc2.domain.local/DC=domain,DC=local?sAMAccountName?sub?(objectClass=user)"
    AuthLDAPBindDN "CN=bind,OU=group,DC=domain,DC=local"
    AuthLDAPBindPassword "secret"
    AuthLDAPGroupAttribute member
    #AuthLDAPGroupAttributeIsDN off

    Require ldap-group CN=grp_users,OU=area,DC=domain,DC=local

For 90% of the users it works fine. But we have 2 problems:

  1. A user with a Japanese keyboard can't log in. He always gets a password mismatch. If he uses the on-screen keyboard, everything works fine. The same application under Windows/IIS works fine.

  2. Some users experience problems logging in. Here is the error message:

    [Wed Jan 10 12:21:52.341509 2018] [authz_core:error] [pid 4276] [client ip.addr.local:21222] AH01631: user user: authorization failure for "/<URL>": , referer: https://app.domain.local/URL/

I found some issues with giving multiple domain controllers. Is there anything wrong?

kind regards


Best Answer

This is the solution for me for the second problem:

All users haven't been in grp_users. :(
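
Added example (not part of the original question or answer): AH01631 is logged by authz_core, at the authorization step where `Require ldap-group` is evaluated, so the users named in those lines are the accounts to compare against the group's `member` list. The sketch below extracts them from an error log; the sample lines, user names and addresses are constructed, and the AH01617 line is there only as a non-matching authentication failure.

```python
import re
from collections import Counter

# Apache 2.4 error-log layout, as in the AH01631 line quoted in the question.
# "[pid N]" may also appear as "[pid N:tid M]" under a threaded MPM.
LINE_RE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] \[(?P<module>\w+):(?P<level>\w+)\] '
    r'\[pid (?P<pid>\d+)[^\]]*\] \[client (?P<client>[^\]]+)\] '
    r'(?P<code>AH\d{5}): (?P<msg>.*)$'
)
AUTHZ_RE = re.compile(
    r'^user (?P<user>.+?): authorization failure for "(?P<uri>[^"]*)"'
)

def authz_failures(lines):
    """Yield (user, uri, client) for every authz_core AH01631 denial."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["code"] != "AH01631" or m["module"] != "authz_core":
            continue  # authentication errors and unrelated lines are skipped
        d = AUTHZ_RE.match(m["msg"])
        if d:
            yield d["user"], d["uri"], m["client"]

def users_to_check(lines):
    """Count denials per user: the accounts to look up in the required group."""
    return Counter(user for user, _, _ in authz_failures(lines))

# Constructed sample log (names, addresses and URLs are made up).
SAMPLE_LOG = """\
[Wed Jan 10 12:21:52.341509 2018] [authz_core:error] [pid 4276] [client 192.0.2.10:21222] AH01631: user alice: authorization failure for "/app/": , referer: https://app.example.test/app/
[Wed Jan 10 12:22:03.100200 2018] [auth_basic:error] [pid 4276] [client 192.0.2.11:21301] AH01617: user bob: authentication failure for "/app/": Password Mismatch
[Wed Jan 10 12:25:40.000001 2018] [authz_core:error] [pid 4280:tid 140213] [client 192.0.2.10:21250] AH01631: user alice: authorization failure for "/app/report":
[Wed Jan 10 12:26:11.555000 2018] [authz_core:error] [pid 4281] [client 192.0.2.12:40000] AH01631: user carol: authorization failure for "/app/":
""".splitlines()

if __name__ == "__main__":
    for user, count in users_to_check(SAMPLE_LOG).most_common():
        print(f"{user}: {count} authorization denial(s), verify group membership")
```

Users listed here passed the password check and were rejected by the `Require` rule, which separates them from password-mismatch cases such as the first problem in the question.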