nginx-auth-ldap icon indicating copy to clipboard operation
nginx-auth-ldap copied to clipboard

Published 20 hours ago verified publisher icon kvspb

Parse error problems on nginx restart and LDAP group issues

Open phlegx opened this issue 10 years ago • 3 comments

Hi there,

Adding the LDAP stuff as you suggest on your Wiki page does work fine. Authentication does work also with groups. However restarting nginx throws me some errors:

Starting nginx: nginx: [emerg] http_auth_ldap: parse_require in /etc/nginx/nginx.conf:39
nginx: [emerg] http_auth_ldap: Setting group in /etc/nginx/nginx.conf:39
nginx: [emerg] http_auth_ldap: parse_require in /etc/nginx/nginx.conf:40
nginx: [emerg] http_auth_ldap: Setting group in /etc/nginx/nginx.conf:40
nginx: [emerg] http_auth_ldap: parse_require in /etc/nginx/nginx.conf:41

Not sure why this happens. Also I have an issue with the second group. Somehow it is not recognized, it was working like that with apache httpd but not with Nginx LDAP module I'm afraid.

Here is my Nginx config file:

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    ldap_server example_ldap {
      url ldaps://ldap.example.com:636/ou=People,dc=example,dc=com?mail?sub?(objectClass=*);
      binddn "cn=user,dc=example,dc=com";
      binddn_passwd PASSWORD;
      group_attribute uniquemember;
      group_attribute_is_dn on;
      require group 'cn=Administrators,ou=Groups,dc=example,dc=com';
      require group 'cn=NagiosUser,ou=Nagios,ou=Applications,dc=example,dc=com';
      require valid_user;
    }

    include /etc/nginx/sites-enabled/*.conf;     
}

If someone can help me that would be really great, thanks!

phlegx avatar Oct 02 '15 15:10 phlegx

I am also getting that parse error.. Although it does seem to work regardless of the error.

CorbanR avatar Nov 02 '15 22:11 CorbanR

For the Setting group and parse_require messages, see #88

bbigras avatar Jan 14 '16 18:01 bbigras

I am also getting the same issue. http_auth_ldap: parse_require in /etc/nginx/nginx.conf

I am trying to use the following test server with my nginx. URL: http://www.forumsys.com/en/tutorials/integration-how-to/ldap/online-ldap-test-server/

   ldap_server test1 {
    url ldap://ldap.forumsys.com:389/ou=scientists,dc=example,dc=com?sAMAccountName?sub?(objectClass=person);
    binddn "tesla";
    binddn_passwd "password";
    group_attribute "scientists";
    group_attribute_is_dn on;
    require "tesla";
}

Can anyone please share the solution here. Thanks.

arubasu avatar Jun 13 '16 14:06 arubasu