Apache2.4 ldap authentication causes 500 error

Question

I have a directory I am trying to set up ldap authentication for a directory in my site configuration.

I have the following in the virtual host entry

<Directory /mysite/myfolder>
Require all denied
AuthLDAPBindAuthoritative on
AuthBasicProvider ldap
AuthType Basic
AuthName "Company Name"

AuthLDAPBindDN "cn=smbuser,cn=users,dc=ourdomain,dc=com"
AuthLDAPBindPassword OurPassword
AuthLDAPUrl ldap://our.ip.add.ress:ourport/cn=Users,dc=ourdomain,dc=com?samAccountName?sub?(objectClass=*)

Require ldap-group cn=Admin Group,cn=Users,dc=ourdomain,dc=com
</Directory>

When I browse to the site/folder I get prompted for authentication, and when I authenticate I get a "Internal Server Error" and nothing is reported in the logs.

I had pulled this from a server that we have migrated and upgraded. It used to run on Apache 2.2, now it is on 2.4.

Does everything look correct, I don't understand why it is giving a 500 error and not reporting anything to the log files.

Thanks for your help/insight!

Answer 1

Make sure mod_ldap is installed, eg in Centos/RHEL you can run:

yum install mod_ldap

A lesson learned from my experience recently, our sysadmin forgot to install the mod and costs me several hours to troubleshoot.

Answer 2

The LDAP connection was blocked via the LDAP servers network firewall. Once the port was opened to allow the new server everything works as expected.

I have to say that this was seriously annoying and any type of output or logging would have been extremely helpful in identifying this right off the bat.