怎么没人回答亚!

starxing

又有问题了,看来我这的人气不是很高!
聚居人气把!!


又有问题了,
现在网页上能弹出登录的对话框,可是怎么也验证不过去,
配置文件如下:
LDAPSharedCacheSize 200000
LDAPCacheEntries 1024
LDAPCacheTTL 600
LDAPOpCacheEntries 1024
LDAPOpCacheTTL 600

<Location /ldap-status>;
   SetHandler ldap-status
   Order deny,allow
   Deny from all
   Allow from 127.0.0.1
</Location>;
<Directory /usr/local/apache2/htdocs/op>;
AuthType Basic
AuthName "root"
AuthLDAPEnabled on
AuthLDAPURL "ldap://192.168.3.3:389/dc=it,dc=com?uid"
AuthLDAPAuthoritative on
require group "dc=it,dc=com"
require valid-user
</Directory>;
openldap的日志是:
conn=34 fd=9 ACCEPT from IP=192.168.3.3:1421 (IP=0.0.0.0:389)
conn=34 op=0 BIND dn="" method=128
conn=34 op=0 RESULT tag=97 err=0 text=
conn=34 op=1 SRCH base="dc=it,dc=com" scope=2 filter="(&(objectClass=*)(uid=zyx))"
conn=34 op=1 SRCH attr=uid
<= bdb_equality_candidates: (uid) index_param failed (1
conn=34 op=1 SEARCH RESULT tag=101 err=0 nentries=3 text=
谁能帮我解决一下呀!

py

<Directory /usr/local/apache2/htdocs/op>;
AuthType Basic
AuthName "root"
AuthLDAPEnabled on
AuthLDAPURL "ldap://192.168.3.3:389/dc=it,dc=com?uid"
require valid-user
</Directory>;

把lidf文件贴出来

starxing

这个只是用来测试的.

dn: dc=it,dc=com
dc: it
description: d Corporation
objectClass: dcObject
objectClass: organization
o: Corporation

dn: uid=zyx, dc=it,dc=com
telephoneNumber: 13810246737
mail: starxing@starxing.com
userPassword:: sssssssss
uid: zyx
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
homePhone: 12345678901
sn: zyx
cn: zyx

dn: ou=people, dc=it,dc=com
userPassword:: c3Rhcnhpbmc=
ou: people
description: User Info
objectClass: top
objectClass: organizationalUnit

dn: uid=1,ou=people, dc=it,dc=com
telephoneNumber: 13800000414
userPassword:: sssssssss
uid: 1
jpegPhoto:: MTIzNDU2Nzg5MA==
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: hhh
cn: hhh

dn: cn=root, dc=it,dc=com
mail: root@root.com
userPassword:: secret
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: root
cn: root

dn: uid=3,ou=people, dc=it,dc=com
telephoneNumber: 13810241111
mail: ddd@dd.com
userPassword:: sssssssss
uid: 3
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: sss
cn: sss

dn: uid=qq, dc=it,dc=com
telephoneNumber: 65498732102
mail: qq@qq.com
userPassword::sssssssss
uid: qq
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: qq
cn: qq

dn: uid=zyx,ou=people, dc=it,dc=com
telephoneNumber: 13810246737
mail: starxing@starxing.com
userPassword:: sssssssss
uid: zyx
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
homePhone: 12345678901
sn: 张yx
cn: zyx

dn: ou=managers, dc=it,dc=com
userPassword:: sssssssss
ou: managers
description: mangers Info
objectClass: top
objectClass: organizationalUnit

dn: cn=starxing,ou=managers, dc=it,dc=com
mail: zyx1220@yahoo.com.cn
userPassword:: sssssssss
description: mananger for people
objectClass: person
objectClass: organizationalPerson
objectClass: top
objectClass: inetOrgPerson
sn: staring
cn: starxing

dn: ou=people,ou=managers, dc=it,dc=com
userPassword:: sssssssss
ou: people
objectClass: top
objectClass: organizationalUnit
description: User Info

dn: uid=1,ou=people,ou=managers, dc=it,dc=com
telephoneNumber: 13800000414
uid: 1
userPassword:: sssssssss
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
jpegPhoto:: MTIzNDU2Nzg5MA==
sn: hhh
cn: hhh

dn: uid=3,ou=people,ou=managers, dc=it,dc=com
telephoneNumber: 13810241111
mail: ddd@dd.com
uid: 3
userPassword:: sssssssss
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: ssssss
cn: ssssss

dn: uid=zyx,ou=people,ou=managers, dc=it,dc=com
telephoneNumber: 11111111111
mail: starxing@starxing.com
uid: zyx
userPassword:: sssssssss
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
homePhone: 12345678901
sn: zyx
cn: zyx

py

看看你的slapd.conf文件，index部分这样写
index        objectClass,uid,uidNumber,gidNumber,memberUid        eq
index        cn,mail,surname,givenname                        eq,subinitial
另外，建议加上objectClass: posixAccount

starxing

谢谢了,现在验证没有问题了,能验证能过去了.但是我想做成用户登录之后,看看他有什么权限,然后显示什么样的页面,不知道这个发怎么作呀,用程序控制,还是用目录的属性项控制,还是用apache控制.用程序控制的话,不能用PHP,PERL,JAVA等,我想作一个只用apache+openldap的用户登录和权限控制的网页.

py

你说的这个光用apache和ldap不好实现吧，多少还是要用到程序的。我用的Perl：-)

starxing

那就要安装其他的东西,最好不用其他的,老板有要求的

py

那就再想想别的办法吧，最后不行就写个apache模块

starxing

难道用apache自带的mod_ldap和mod_auth_ldap这两个模块不能完成吗?

py

这两个模块功能太简单，而且起作用的只是mod_auth_ldap