i installed slapd (2.4.40+dfsg-1+deb8u2) recently, and i' m trying to get apache2 (2.4.10-10+deb8u7) authenticated through ldap. The system itself is debian (8.6).
Ldap should run on localhost on the default port, and using phpldapadmin the DN ( cn=admin,dc=1000,dc=hu ) seems to be ok. For apache2 authenticaion i use .htaccess file, and basic authentication (htpasswd file) works also fine.
My configucation is:
AuthName "Add your login message here."
AuthType Basic
AuthBasicProvider ldap
AuthLDAPURL "ldap://localhost:389/dc=1000,dc=hu?sAMAccountName?sub?(objectClass=*)"
AuthLDAPBindDN "cn=admin,dc=1000,dc=hu"
AuthLDAPBindPassword ******
require ldap-user testtest test ttest
.
Whatever i do, i got the "user not found" error in apache2 logs:
==> /var/log/apache2/error.log <==
[Sat Jan 21 12:54:29.272676 2017] [auth_basic:error] [pid 27767] [client 127.0.0.1:52852] AH01618: user ttest not found: /t1/
==> /var/log/apache2/access.log <==
127.0.0.1 - ttest [21/Jan/2017:12:54:29 +0100] "GET /t1/ HTTP/1.1" 401 738 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"
==> /var/log/apache2/error.log <==
[Sat Jan 21 12:54:44.388323 2017] [auth_basic:error] [pid 27766] [client 127.0.0.1:52854] AH01618: user test not found: /t1/
==> /var/log/apache2/access.log <==
127.0.0.1 - test [21/Jan/2017:12:54:44 +0100] "GET /t1/ HTTP/1.1" 401 738 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"
==> /var/log/apache2/error.log <==
[Sat Jan 21 12:54:49.460321 2017] [auth_basic:error] [pid 27770] [client 127.0.0.1:52856] AH01618: user testtest not found: /t1/
==> /var/log/apache2/access.log <==
127.0.0.1 - testtest [21/Jan/2017:12:54:49 +0100] "GET /t1/ HTTP/1.1" 401 738 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"
ttest, test and testtest are username, sn, cn in my system.
Password for AuthLDAPBindPassword is triple checked, also for the user.
Where do i make the mistake? Does the AuthLDAPURL have the right value in this scenario?
Well, in the above example the AuthLDAPURL was wrong for the described setup. It should be only:
AuthLDAPURL ldap://localhost/dc=256,dc=hu?cn?sub
.
I was getting the same error and it was related to using the default attribute 'uid' with Active Directory, rather than specifying sAMAccountName.
AuthLDAPURL ldap://192.168.1.1:389/dc=domain,dc=local?sAMAccountName
seem AuthLDAPURL question
I change:
ldap://localhost:389/dc=1000,dc=hu?sAMAccountName?sub?(objectClass=*)
ldap://localhost:389/dc=1000,dc=hu?name
refer to
Related
I have a docker compose file which creates node js, php container and one MySql DB. Everything works fine and containers are up. But when I try to check website status it gives me error 503 for a while. Website is up after like 5 minutes. I do not see any error in docker logs. docker stats command output is attached. Memory allocation looks fine.
App docker logs, you see 4 minutes difference there.
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.*.*.2. Set the 'ServerName' directive globally to suppress this message
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.*.*.2. Set the 'ServerName' directive globally to suppress this message
[Wed Aug 19 13:22:09.190559 2020] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.38 (Debian) PHP/7.3.18 configured -- resuming normal operations
[Wed Aug 19 13:22:09.190694 2020] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
172.*.*.* - - [19/Aug/2020:13:26:53 -0400] "GET / HTTP/1.1" 200 2327 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
172.*.*.* - - [19/Aug/2020:13:26:54 -0400] "GET /static/js/main.0c1fa848.chunk.js HTTP/1.1" 200 9534 "https://example.ai/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.39.149 Safari/537.36"
Docker logs does not guarantee that website is running fine, it can check the services status, but website may take some time to come UP. Try to find out how much time it takes after all the services you start manually.
I try to run my site on docker and this is my docker-compose.yml:
version: '2'
services:
php:
image: yiisoftware/yii2-php:7.1-apache
volumes:
- ~/projects/my-project-name.local/composer-
docker/cache:/root/.composer/cache:delegated
- ./:/app:delegated
ports:
- '8000:80'
When I run "docker-compose up -d --build" and open an url localhost:8000 the error occured "Forbidden.You don't have permission to access / on this server."
The logs of container is:
AH00112: Warning: DocumentRoot [/var/www/html] does not exist
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.22.0.2. Set the 'ServerName' directive globally to suppress this message
AH00112: Warning: DocumentRoot [/var/www/html] does not exist
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 172.22.0.2. Set the 'ServerName' directive globally to suppress this message
[Tue Jul 10 06:42:22.442648 2018] [mpm_prefork:notice] [pid 1] AH00163: Apache/2.4.25 (Debian) configured -- resuming normal operations
[Tue Jul 10 06:42:22.442713 2018] [core:notice] [pid 1] AH00094: Command line: 'apache2 -D FOREGROUND'
[Tue Jul 10 06:42:25.985025 2018] [core:error] [pid 17] [client 172.22.0.1:48650] AH00037: Symbolic link not allowed or link target not accessible: /var/www/html
172.22.0.1 - - [10/Jul/2018:06:42:25 +0000] "GET / HTTP/1.1" 403 503 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36"
[Tue Jul 10 06:42:26.117774 2018] [core:error] [pid 17] [client 172.22.0.1:48650] AH00037: Symbolic link not allowed or link target not accessible: /var/www/html, referer: http://localhost:8000/
172.22.0.1 - - [10/Jul/2018:06:42:26 +0000] "GET /favicon.ico HTTP/1.1" 403 513 "http://localhost:8000/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36"
When I use same docker-compose.yml with yii2 basic everything works fine.
Please help me to fix this problem. My OS is Ubuntu-18.04.
the yii2 docker image is based on the php image and has the following lines in its Dockerfile:
# Copy the app code into the image
COPY . /var/www/html
This is consistent with the warning from the logs.
When you add this to your Dockerfile, you should be fine (Assuming you have your source code in the current directory).
If you want to use the docker container as a development environemt, you could instead mount the folder of the source code to /var/www/html. In that case you have to add a volume:
volumes:
- .:/var/www/html # Add this line
I have an issue with my debian server.
I have a website hosted on an apache2 but 2 times per day, apache crash and my website is not accessible.
I have looked log files and I haven't a lot of information.
Here are my logs :
access.log
13.235.52.55:443 - - [24/May/2018:10:05:51 +0200] "GET / HTTP/1.1" 200 13244 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:52 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:52 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:53 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
13.235.52.55:443 - - [24/May/2018:10:05:54 +0200] "GET / HTTP/1.1" 200 13309 "-" "Python-urllib/2.7"
error.log
[Thu May 24 08:00:31.698217 2018] [mpm_prefork:notice] [pid 3544] AH00163: Apache/2.4.10 (Debian) OpenSSL/1.0.1t configured -- resuming normal operations
[Thu May 24 08:00:31.698270 2018] [core:notice] [pid 3544] AH00094: Command line: '/usr/sbin/apache2'
[Thu May 24 12:17:43.064962 2018] [mpm_prefork:notice] [pid 3544] AH00169: caught SIGTERM, shutting down
[Thu May 24 12:17:46.968823 2018] [mpm_prefork:notice] [pid 4518] AH00163: Apache/2.4.10 (Debian) OpenSSL/1.0.1t configured -- resuming normal operations
[Thu May 24 12:17:46.968889 2018] [core:notice] [pid 4518] AH00094: Command line: '/usr/sbin/apache2'
[Thu May 24 12:17:47.011670 2018] [mpm_prefork:notice] [pid 4518] AH00169: caught SIGTERM, shutting down
Generally, apache crash at 12:17PM and 00:17AM
I have already check for a DoS attack, but I have not enough access in the access.log
Finally, I have found the following in my phperror log
[24-May-2018 13:39:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 14:09:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 14:39:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 15:09:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 15:39:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 16:04:24 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
[24-May-2018 16:09:01 Europe/Berlin] PHP Warning: Module 'PDO' already loaded in Unknown on line 0
if someone can help me.. :-)
Thank you !
EDIT :
This is my journalctl when apache crashs
journalctl
Ok, finally i've found where was the problem.
It was due to Certbot. I had 2 domains not used for a long time and the SSL certificates was expirated. I have remove these certificates and my apache is currently running for 1 day and 13 hours.
If this solution can help someone.. ;)
I am using OpenStack Ocata release installed on my own servers. Long time all worked well.
A few days ago OpenStack dashboard starts frequently sign out users. And I can't figure out what is wrong.
Why httpd return 302 redirect to the login page? And how to debug what is wrong?
Httpd access logs:
10.0.0.2 - - [21/Mar/2018:08:29:26 +0000] "POST /dashboard/auth/login/ HTTP/1.1" 302 - "http://dashboard.example.com/dashboard/auth/login/?next=/dashboard/" "Mozilla/5.0 ... Firefox/59.0"
10.0.0.2 - - [21/Mar/2018:08:29:27 +0000] "GET /dashboard/ HTTP/1.1" 302 - "http://dashboard.example.com/dashboard/auth/login/?next=/dashboard/" "Mozilla/5.0 ... Firefox/59.0"
10.0.0.2 - - [21/Mar/2018:08:29:27 +0000] "GET /dashboard/identity/ HTTP/1.1" 200 53953 "http://dashboard.example.com/dashboard/auth/login/?next=/dashboard/" "Mozilla/5.0 ... Firefox/59.0"
193.169.81.251 - - [21/Mar/2018:08:29:29 +0000] "GET /dashboard/i18n/js/horizon+openstack_dashboard/ HTTP/1.1" 200 2372 "http://dashboard.example.com/dashboard/identity/" "Mozilla/5.0 ... Firefox/59.0"
10.0.0.2 - - [21/Mar/2018:08:29:33 +0000] "GET /dashboard/project/ HTTP/1.1" 302 - "http://dashboard.example.com/dashboard/identity/" "Mozilla/5.0 ... Firefox/59.0"
10.0.0.2 - - [21/Mar/2018:08:29:33 +0000] "GET /dashboard/auth/login/?next=/dashboard/project/ HTTP/1.1" 200 9041 "http://dashboard.example.com/dashboard/identity/" "Mozilla/5.0 ... Firefox/59.0"
10.0.0.2 - - [21/Mar/2018:08:29:34 +0000] "GET /dashboard/i18n/js/horizon+openstack_dashboard/ HTTP/1.1" 200 2372 "http://dashboard.example.com/dashboard/auth/login/?next=/dashboard/project/" "Mozilla/5.0 ... Firefox/59.0"
Httpd error logs:
[Wed Mar 21 08:29:26.646941 2018] [:error] [pid 41571] Attempted scope to domain default failed, will attemptto scope to another domain.
[Wed Mar 21 08:29:26.851412 2018] [:error] [pid 41571] Login successful for user "exampeuser", remote address 10.0.0.2.
[Wed Mar 21 08:29:27.161127 2018] [authz_core:error] [pid 25877] [client 10.0.0.2:44688] AH01630: client denied by server configuration: /usr/bin/keystone-wsgi-public, referer: http://dashboard.example.com/dashboard/auth/login/?next=/dashboard/
The problem was related to Memcached.
In my case, Memcached was DoSed from externally.
To resolve this I bind Memcached to local management interface instead any (0.0.0.0)
I am running Apache 2.2 with PHP5.3 running a PHP business app. Everything works fine from a business point of view, however I do get an error in my apache error.log
[Thu Nov 01 12:07:17 2012] [error] [client 10.200.8.37] File does not exist: /var/www/webroot/itassistant
[Thu Nov 01 12:07:17 2012] [error] [client 10.200.8.37] File does not exist: /var/www/webroot/xmldata
In my access.log the following is logged:
10.200.8.37 - - [01/Nov/2012:12:07:17 +0100] "GET /itassistant/ui/omaBaseFrame.htm HTTP/1.1" 404 490 "-" "Jakarta Commons-HttpClient/3.0.1"
10.200.8.37 - - [01/Nov/2012:12:07:17 +0100] "GET / HTTP/1.1" 200 348073 "-" "Jakarta Commons-HttpClient/3.0.1"
10.200.8.37 - - [01/Nov/2012:12:07:17 +0100] "GET /xmldata?item=All HTTP/1.1" 404 485 "-" "Jakarta Commons-HttpClient/3.0.1"
The PHP log gives no errors.
The PHP applications is the only application I am running and my application provider says that this isn't caused by the application.
I am running on an Ubuntu 12.04 server. Can anybody help me find the cause of these errors? How can I find out what is trying to call these non existing items and why
I have the same message in my access-logs, on al my web-servers. The message is logged daily, always at the same time. In our case HP-SIM (Systems Insight Manager monitoring tool) is causing these messages.