kvspb/nginx-auth-ldap

LDAP syntax error

Closed this issue · 5 comments

Hello
I have configured NGINX to act as front end reverse proxy with ldap authentication to connect to Oxidized. I need to auth users belonging to a specific group (could be nested group). NGINX and Oxidized are running on Ubuntu Xenial. NGINX version 1.14.0
Here's my config files:
/etc/nginx/nginx.conf

worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
      auth_ldap_cache_enabled on;
      auth_ldap_cache_expiration_time 10000;
      auth_ldap_cache_size 1000;
      ldap_server LDAP1 {
          url "ldaps://[IP of DC]/DC=[related_domain],DC=[related_sub_domain]?sAMAccountName?sub?(objectClass=person));          
	  binddn '[Domain]\\[used_account_for nginx]';
          binddn_passwd [account password];
          connect_timeout 5s;
          bind_timeout 5s;
          request_timeout 5s;
	  require group 'CN=[AD_group],OU=[related_OU] ,OU=[related_Account],DC=[related_domain],DC=[related_sub_domain]';
          group_attribute member;
          group_attribute_is_dn on;
          require valid_user;
          satisfy all;
			}
    sendfile        on;
    keepalive_timeout  65;
	include /etc/nginx/conf.d/*.conf;
}

/etc/nginx/conf.d/proxy.conf

 server
 {
      listen         80;
       server_name    [Server_name]  [IP];
       return         301 https://$server_name$request_uri;
}
server  {
  listen  443;
  server_name  [Server_name]  [IP];
  ssl on;
  ssl_certificate     /etc/nginx/ssl/nginx.crt;
  ssl_certificate_key /etc/nginx/ssl/nginx.key;
  access_log  /var/log/nginx/host.access.log;
  auth_ldap "ACCES INTERDIT AUX PERSONNES NON-AUTORISEES";
  auth_ldap_servers LDAP1;
  location / {
         root   html;
        index  index.html index.htm;
    proxy_pass http://[Oxidized_server_name]:8080/;
       } 
} 

I can't get it working, when I check config files with command:
service nginx configtest
I only get this type of error:
2018/06/11 15:14:11 [emerg] 17382#0: unexpected end of file, expecting ";" or "}" in /etc/nginx/nginx.conf:48

Suspecting a conversion error since I'm working in Windows environment with WinSCP & Putty, I've tried a dos2unix conversion, but the error is still here ...
Any help would be appreciated...

Am I the only one to experience such an issue?

There is a missing " at the end of line 12 in your nginx.conf.
Maybe that's the issue?

I'll check tomorrow when back to office, but I think it's a copy/paste error ...
Nevertheless, thanks for helping !

I noticed, yesterday when I commented the ldap-auth section, the configtest was OK ...
As soon as I un-commented it, there was this error

I use vim with nginx markdown via SSH. That's very useful because of some syntax errors or forgotten quotes.
On Windows, Notepad++ is also good to create config files for nginx but mind the EOL setting.

Are there special characters in the name of your AD groups, password or so?
I use single or double quotes ( ' or " ) to prevent syntax errors.

You were right, I just checked and the double quote was missing ...
thanks for your help !
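
A way to locate this kind of error, as an added example that is not part of the original thread: `configtest` reports the end-of-file position, while this Python scanner reports the line where the unclosed quote was opened. `scan_quotes` is a hypothetical helper that only approximates nginx's quoting rules, and the host and account names in the sample config are constructed placeholders.

```python
def scan_quotes(text):
    """Return [(line, kind)]: 'unterminated' = quote still open at EOF,
    'multiline' = quoted string that closes on a later line than it opened."""
    findings, line, i = [], 1, 0
    quote, quote_line = None, 0          # currently open quote char and its line
    at_token_start, in_comment = True, False
    while i < len(text):
        ch = text[i]
        if ch == "\n":
            line += 1
            in_comment = False
            if quote is None:
                at_token_start = True
        elif in_comment:
            pass
        elif ch == "\\":                 # backslash escapes the next character
            i += 1
            if i < len(text) and text[i] == "\n":
                line += 1
            at_token_start = False
        elif quote:
            if ch == quote:              # closing quote
                if quote_line != line:
                    findings.append((quote_line, "multiline"))
                quote = None
                at_token_start = False
        elif ch in " \t\r;{}":
            at_token_start = True
        elif at_token_start and ch == "#":
            in_comment = True
        elif at_token_start and ch in "\"'":   # quotes only open at token start
            quote, quote_line = ch, line
        else:
            at_token_start = False
        i += 1
    if quote:
        findings.append((quote_line, "unterminated"))
    return findings

# Constructed sample modelled on the config in the question (placeholder names).
BROKEN = r'''http {
    ldap_server LDAP1 {
        url "ldaps://dc.example.test/DC=example,DC=test?sAMAccountName?sub?(objectClass=person);
        binddn 'EXAMPLE\\svc_nginx';
    }
}
'''
FIXED = BROKEN.replace("person);", 'person)";')
print(scan_quotes(BROKEN), scan_quotes(FIXED))
```

A `multiline` finding covers the case where a later quote happens to close the string, which is when nginx reports the error far from the real mistake.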