Project

General

Profile

[Solved] debugging ldap without auth.debug

Added by fwarren about 2 months ago

I am running lighttpd/1.4.55 with alpine linux. I am trying to use ldap authentication and am not sure how to get any diagnostic information out of lighthttpd to help with determining what I am doing wrong. I know that auth.debug has been depreciated. How do I get any more information than:

> 2022-03-29 10:07:12: (mod_auth.c.603) password doesn't match for / username: bob, IP: 192.168.1.15
> 

Replies (3)

RE: debugging ldap without auth.debug - Added by gstrauss about 2 months ago

I know that auth.debug has been depreciated. (sic)

That is because lighttpd will print to the error log if there is an operational issue, such as failing to connect to the LDAP server.

Please read: How to get support

If there are no other errors in the error log, check that you have configured mod_authn_ldap properly: mod_auth documentation.
If you failed to configured auth.backend.ldap.filter, then the password is rejected.
If you are using a blank password and did not configure auth.backend.ldap.allow-empty-pw, then the password is rejected.

RE: debugging ldap without auth.debug - Added by fwarren about 2 months ago

I have it working now. In my case because I am working with Active Directory it was ditching (uid=$):

auth.backend.ldap.filter = (samaccountname=$)
    (1-3/3)