Sorry for delay, I didn't receive any notify about your reply. That command gives me an error:
-bash: syntax error near unexpected token `('
Anyway I think to have found the issue: The "AuthLDAPUrl" string seems to be wrong.
Mine is (from fresh install but after restoring LDAP from previus setup):
ldap://127.0.0.1:389/o=domains,dc=fracassetti,dc=lan?mail?sub?(&(objectclass=mailUser)(accountStatus=active)(enabledService=domainadmin)(domainGlobalAdmin=yes))
But trying this search with phpLDAPAdmin it gives me no results: There is no user with objectclass=mailUser, accountStatus=active, enabledService=domainadmin and domainGlobalAdmin=yes in the subtree "o=domains,dc=fracassetti,dc=lan".
In fact, user "postmaster@fracassetti.it" is registered in subtree "o=domainAdmins,dc=fracassetti,dc=lan" with this definitions:
mail=postmaster@fracassetti.it
dn mail=postmaster@fracassetti.it,o=domainAdmins,dc=fracassetti,dc=lan
accountStatus active
cn postmaster
domainGlobalAdmin yes
enabledService awstats
givenName postmaster
Email postmaster@fracassetti.it
objectClass mailAdmin
shadowAccount
top
preferredLanguage en_US
User Name postmaster
Password ****************
so this user simply can't be used to login to awstats.
To allow postmaster@fracassetti.it to login in awstats the AuthLDAPUrl string should be changed as follow:
# Require that authorized user is ("active") AND (("mailUser" AND "Domainadmin") OR "GlobalAdmin=yes" )
# AuthLDAPUrl ldap://127.0.0.1:389/dc=fracassetti,dc=lan?mail?sub?(&(accountStatus=active)(|(&(objectclass=mailUser)(enabledService=domainadmin))(domainGlobalAdmin=yes))) TLS
or
# Require that authorized users satisfy 3 conditions: "accountStatus=active" AND ("GlobalAdmin=yes" OR "enabledService=awstats" OR "enabledService=domainadmin" ) AND ( "objectclass=mailUser" OR "objectclass=mailAdmin").
AuthLDAPUrl ldap://127.0.0.1:389/dc=fracassetti,dc=lan?mail?sub?(&(accountStatus=active)(|(enabledService=awstats)(enabledService=domainadmin)(domainGlobalAdmin=yes))(|(objectclass=mailUser)(objectclass=mailAdmin))) TLS
In both "TLS" at the end is not required for authentication but it works.
Using this AuthLDAPUrl I can now login to awstats using postmaster account.
P.S:
Sorry for my English but is late night...