We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
mod_ldap problem
-
- Posts: 3
- Joined: Fri Jun 23, 2017 6:04 am
mod_ldap problem
Hi everyone
I faced a problem that this configuration does not work in apache2 installed from VestaCP repo on Centos7:
But the very same configuration works fine on standard apache2 from EPEL repository
Has anyone encountered such a problem? How did you solve it?
Thanks
I faced a problem that this configuration does not work in apache2 installed from VestaCP repo on Centos7:
Code: Select all
<AuthnProviderAlias ldap ldap-users>
AuthLDAPURL "ldap://ldap.example.com:389/dc=example,dc=com?uid?sub?(objectClass=inetOrgPerson)"
AuthLDAPBindDN "uid=user,cn=users,dc=example,dc=com"
AuthLDAPBindPassword "*****"
AuthLDAPGroupAttribute memberUid
AuthLDAPGroupAttributeIsDN off
</AuthnProviderAlias>
<VirtualHost 10.0.0.1:80>
ServerAdmin [email protected]
ServerName ldapauth.example.com
<Directory /home/ldapauth/web/ldapauth.example.com/public_html/>
Require all granted
</Directory>
<Location />
AuthType Basic
AuthName "Please enter your LDAP credentials"
AuthBasicProvider ldap-users
Require valid-user
</Location>
</VirtualHost>
Has anyone encountered such a problem? How did you solve it?
Thanks
Re: mod_ldap problem
Check both apache versions, I think vesta use epel repo also.
And check your port, by default nginx run in 80 so you may need change your config.
And check your port, by default nginx run in 80 so you may need change your config.
-
- Posts: 3
- Joined: Fri Jun 23, 2017 6:04 am
Re: mod_ldap problem
Hi, skamasleskamasle wrote:Check both apache versions, I think vesta use epel repo also.
And check your port, by default nginx run in 80 so you may need change your config.
httpd is installed from the vesta repository:
Code: Select all
Installed Packages
Name : httpd
Arch : x86_64
Version : 2.4.6
Release : 118.el7.centos
Size : 9.3 M
Repo : installed
From repo : vesta
Summary : Apache HTTP Server
URL : http://httpd.apache.org/
License : ASL 2.0
Description : The Apache HTTP Server is a powerful, efficient, and extensible
: web server.
Installed Packages
Name : mod_ssl
Arch : x86_64
Epoch : 1
Version : 2.4.6
Release : 118.el7.centos
Size : 219 k
Repo : installed
From repo : vesta
Summary : SSL/TLS module for the Apache HTTP Server
URL : http://httpd.apache.org/
License : ASL 2.0
Description : The mod_ssl module provides strong cryptography for the Apache Web
: server via the Secure Sockets Layer (SSL) and Transport Layer
: Security (TLS) protocols.
Code: Select all
# netstat -nlutp | grep -E "httpd|nginx"
tcp 0 0 10.0.0.1:80 0.0.0.0:* LISTEN 17881/httpd
tcp 0 0 0.0.0.0:8083 0.0.0.0:* LISTEN 826/nginx: master p
tcp 0 0 10.0.0.1:443 0.0.0.0:* LISTEN 17881/httpd
Thank you
Re: mod_ldap problem
I think you can change apache and install it from epel repo, with lite issues.
-
- Posts: 3
- Joined: Fri Jun 23, 2017 6:04 am
Re: mod_ldap problem
Thank you, skamasleskamasle wrote:I think you can change apache and install it from epel repo, with lite issues.
I reinstalled httpd from EPEL but because of it i had to reconfigure suexec manually because its version from @vesta repositary has a value 'AP_DOC_ROOT=/' (suexec -V command)
And the version from EPEL repositary has a value 'AP_DOC_ROOT=/var/www', because of it php on hosting wasn't working
Now we're attached to httpd version from @epel, and if server httpd is updated, suexec utility will have to be reconfigured again which isn't good
Maybe there're methods to fix LDAP authorization in httpd daemon from @vesta repositary?