我有一个configurationSVN服务器的CentOS 7服务器,我有另一台带有LDAP的Windows服务器2012R2,用于域控制器。 我可以使用ldapsearch与Windows服务器通信。
那么我现在的问题是,当我尝试通过浏览器login到svn服务器,无论我input什么,它出现一个内部错误(500)。
错误消息是:
[Thu May 12 13:27:36.786664 2016] [authz_core:debug] [pid 10377] mod_authz_core.c(809): [client 1.1.1.1:50409] AH01626: authorization result of Require valid-user : denied (no authenticated user yet) [Thu May 12 13:27:36.786695 2016] [authz_core:debug] [pid 10377] mod_authz_core.c(809): [client 1.1.1.1:50409] AH01626: authorization result of <RequireAny>: denied (no authenticated user yet) [Thu May 12 13:27:36.786732 2016] [authnz_ldap:debug] [pid 10377] mod_authnz_ldap.c(501): [client 1.1.1.1:50409] AH01691: auth_ldap authenticate: using URL ldap://a-d01:389/,dc=a,dc=domain,dc=com?sAMAccountName?sub?(ObjectClass=*) [Thu May 12 13:27:36.787048 2016] [ldap:debug] [pid 10377] util_ldap.c(372): AH01278: LDAP: Setting referrals to On. [Thu May 12 13:27:36.874625 2016] [authnz_ldap:info] [pid 10377] [client 1.1.1.1:50409] AH01695: auth_ldap authenticate: user svnuser authentication failed; URI /repo [ldap_search_ext_s() for user failed][Invalid DN syntax] 正如错误所述,在DN语法中似乎有错误:
[Thu May 12 13:27:36.874625 2016] [authnz_ldap:info] [pid 10377] [client 1.1.1.1:50409] AH01695: auth_ldap authenticate: user svnuser authentication failed; URI /repo [ldap_search_ext_s() for user failed][Invalid DN syntax]
根据错误日志,您已经使用过“ldap:// a-d01:389 /,dc = a,dc = domain,dc = com”,应该是“ldap:// a-d01:389 / dc = a,dc = domain,dc = com“。
[Thu May 12 13:27:36.786732 2016] [authnz_ldap:debug] [pid 10377] mod_authnz_ldap.c(501): [client 1.1.1.1:50409] AH01691: auth_ldap authenticate: using URL ldap://a-d01:389/,dc=a,dc=domain,dc=com?sAMAccountName?sub?(ObjectClass=*) [Thu May 12 13:27:36.787048 2016] [ldap:debug] [pid 10377] util_ldap.c(372): AH01278: LDAP: Setting referrals to On.