Try auth_by_bind, optionally with a &quot;principal_name&quot; setting, if your version is newer than June 30, 2009, when this patch was applied:<br><br><a href="http://git.koha.org/cgi-bin/gitweb.cgi?p=Koha;a=commit;h=7c2e7ad410e59d6f0c21d76859656b8aa8838ecb">http://git.koha.org/cgi-bin/gitweb.cgi?p=Koha;a=commit;h=7c2e7ad410e59d6f0c21d76859656b8aa8838ecb<br>
</a><br>principal_name is designed to compensate for the differences between openldap and active directory.<br>--Joe<br><br><div class="gmail_quote">On Mon, Sep 14, 2009 at 11:55 AM, Nijnatten, Jan van <span dir="ltr">&lt;<a href="mailto:jan.v.nijnatten@philips.com">jan.v.nijnatten@philips.com</a>&gt;</span> wrote:<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi all,<br>
<br>
Earlier this month Anselm Olweny wrote:<br>
<br>
======<br>
I have installed koha in my institution library and would like patrons<br>
to login at the opac using their active directory accounts.<br>
<br>
I have followed the instructions in the Auth_with_ldap.pm file and<br>
made the necessary changes in the koha-conf.xml file.<br>
<br>
I have koha version 3.0100041, however when I login using a valid<br>
Active Directory account I get &quot;You entered an incorrect username or<br>
password.&quot; in the opac. There are also no errors in both apache and<br>
koha error logs.<br>
<br>
I am kindly requesting for any assistance in making this work. I would<br>
appreciate help relating to what changes I may need to do in active<br>
directory as well or Auth_with_ldap.pm. I have attached a copy of my<br>
koha-conf.xml so that you may show me what am getting wrong.<br>
======<br>
<br>
I have exactly the same problem: incorrect username, password.<br>
I haven&#39;t modified <a href="http://auth_with_ldap.pm" target="_blank">auth_with_ldap.pm</a> .<br>
<br>
See my koha-conf.xml attached.<br>
<br>
What are we doing wrong? Where can we debug?<br>
<br>
<br>
koha-conf.xml:<br>
&lt;yazgfs&gt;<br>
&lt;!-- [scheme:]host[:port][/databaseName] --&gt;<br>
&lt;!-- scheme: tcp, ssl, unix, http, sru --&gt;<br>
&lt;!-- can run all servers on tcp, but the unix socket is faster --&gt;<br>
<br>
&lt;listen id=&quot;biblioserver&quot; &gt;unix:/var/run/koha/zebradb/bibliosocket&lt;/listen&gt;<br>
&lt;listen id=&quot;authorityserver&quot; &gt;unix:/var/run/koha/zebradb/authoritysocket&lt;/listen&gt;<br>
&lt;!-- public server runs on tcp --&gt;<br>
&lt;!-- &lt;listen id=&quot;publicserver&quot; &gt;tcp:@:9999&lt;/listen&gt; --&gt;<br>
<br>
&lt;!-- Settings for special biblio server instance for PazPar2.<br>
     Because PazPar2 only connects to a Z39.50 server using TCP/IP,<br>
     it cannot use the Unix-domain socket that biblioserver uses.<br>
     Therefore, a custom server is defined. --&gt;<br>
&lt;!--<br>
&lt;listen id=&quot;mergeserver&quot;&gt;tcp:@:11001&lt;/listen&gt;<br>
&lt;server id=&quot;mergeserver&quot;  listenref=&quot;mergeserver&quot;&gt;<br>
    &lt;directory&gt;/var/lib/koha/zebradb/biblios&lt;/directory&gt;<br>
    &lt;config&gt;/etc/koha/zebradb/zebra-biblios.cfg&lt;/config&gt;<br>
    &lt;cql2rpn&gt;/etc/koha/zebradb/pqf.properties&lt;/cql2rpn&gt;<br>
&lt;/server&gt;<br>
--&gt;<br>
<br>
&lt;!-- BIBLIOGRAPHIC RECORDS --&gt;<br>
&lt;server id=&quot;biblioserver&quot;  listenref=&quot;biblioserver&quot;&gt;<br>
    &lt;directory&gt;/var/lib/koha/zebradb/biblios&lt;/directory&gt;<br>
    &lt;config&gt;/etc/koha/zebradb/zebra-biblios.cfg&lt;/config&gt;<br>
    &lt;cql2rpn&gt;/etc/koha/zebradb/pqf.properties&lt;/cql2rpn&gt;<br>
     &lt;!-- &lt;docpath&gt;xsl&lt;/docpath&gt; --&gt;<br>
     &lt;!-- &lt;stylesheet&gt;xsl/default.xsl&lt;/stylesheet&gt; --&gt;<br>
     &lt;!-- &lt;maximumrecordsize&gt;2000000&lt;/maximumrecordsize&gt; --&gt;<br>
     &lt;retrievalinfo&gt;<br>
       &lt;retrieval syntax=&quot;usmarc&quot; name=&quot;F&quot;/&gt;<br>
       &lt;retrieval syntax=&quot;usmarc&quot; name=&quot;B&quot;/&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;F&quot;/&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;B&quot;/&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;marcxml&quot;<br>
                  identifier=&quot;info:srw/schema/1/marcxml-v1.1&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;dc&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;mods&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;rdfdc&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;rss2&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;utils&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
     &lt;/retrievalinfo&gt;<br>
    &lt;xi:include href=&quot;/etc/koha/zebradb/explain-biblios.xml&quot;<br>
                xmlns:xi=&quot;<a href="http://www.w3.org/2001/XInclude" target="_blank">http://www.w3.org/2001/XInclude</a>&quot;&gt;<br>
      &lt;xi:fallback&gt;<br>
      &lt;explain xmlns=&quot;<a href="http://explain.z3950.org/dtd/2.0/" target="_blank">http://explain.z3950.org/dtd/2.0/</a>&quot;&gt;<br>
          &lt;serverInfo&gt;<br>
            &lt;host&gt;localhost&lt;/host&gt;<br>
            &lt;port&gt;9998&lt;/port&gt;<br>
            &lt;database&gt;biblios&lt;/database&gt;<br>
          &lt;/serverInfo&gt;<br>
        &lt;/explain&gt;<br>
      &lt;/xi:fallback&gt;<br>
    &lt;/xi:include&gt;<br>
&lt;/server&gt;<br>
&lt;serverinfo id=&quot;biblioserver&quot;&gt;<br>
        &lt;ccl2rpn&gt;/etc/koha/zebradb/ccl.properties&lt;/ccl2rpn&gt;<br>
        &lt;user&gt;kohauser&lt;/user&gt;<br>
        &lt;password&gt;[our kohauser pw]&lt;/password&gt;<br>
&lt;/serverinfo&gt;<br>
<br>
&lt;!-- AUTHORITY RECORDS --&gt;<br>
&lt;server id=&quot;authorityserver&quot;  listenref=&quot;authorityserver&quot; &gt;<br>
    &lt;directory&gt;/var/lib/koha/zebradb/authorities&lt;/directory&gt;<br>
    &lt;config&gt;/etc/koha/zebradb/zebra-authorities.cfg&lt;/config&gt;<br>
    &lt;cql2rpn&gt;/etc/koha/zebradb/pqf.properties&lt;/cql2rpn&gt;<br>
     &lt;!-- &lt;docpath&gt;xsl&lt;/docpath&gt; --&gt;<br>
     &lt;!-- &lt;stylesheet&gt;xsl/default.xsl&lt;/stylesheet&gt; --&gt;<br>
     &lt;!-- &lt;maximumrecordsize&gt;2000000&lt;/maximumrecordsize&gt; --&gt;<br>
    &lt;xi:include href=&quot;/etc/koha/zebradb/retrieval-info-auth-grs1.xml&quot;<br>
                xmlns:xi=&quot;<a href="http://www.w3.org/2001/XInclude" target="_blank">http://www.w3.org/2001/XInclude</a>&quot;&gt;<br>
      &lt;xi:fallback&gt;<br>
     &lt;retrievalinfo&gt;<br>
       &lt;retrieval syntax=&quot;usmarc&quot; name=&quot;F&quot;/&gt;<br>
       &lt;retrieval syntax=&quot;usmarc&quot; name=&quot;B&quot;/&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;marcxml&quot;<br>
                  identifier=&quot;info:srw/schema/1/marcxml-v1.1&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;dc&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;mods&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;rdfdc&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
       &lt;retrieval syntax=&quot;xml&quot; name=&quot;utils&quot;&gt;<br>
         &lt;backend syntax=&quot;usmarc&quot; name=&quot;F&quot;&gt;<br>
           &lt;marc inputformat=&quot;marc&quot; outputformat=&quot;marcxml&quot;<br>
                 inputcharset=&quot;utf-8&quot;/&gt;<br>
           &lt;xslt stylesheet=&quot;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl&quot;/&gt;<br>
         &lt;/backend&gt;<br>
       &lt;/retrieval&gt;<br>
     &lt;/retrievalinfo&gt;<br>
      &lt;/xi:fallback&gt;<br>
    &lt;/xi:include&gt;<br>
    &lt;xi:include href=&quot;/etc/koha/zebradb/explain-authorities.xml&quot;<br>
                xmlns:xi=&quot;<a href="http://www.w3.org/2001/XInclude" target="_blank">http://www.w3.org/2001/XInclude</a>&quot;&gt;<br>
      &lt;xi:fallback&gt;<br>
      &lt;explain xmlns=&quot;<a href="http://explain.z3950.org/dtd/2.0/" target="_blank">http://explain.z3950.org/dtd/2.0/</a>&quot;&gt;<br>
          &lt;serverInfo&gt;<br>
            &lt;host&gt;localhost&lt;/host&gt;<br>
            &lt;port&gt;9999&lt;/port&gt;<br>
            &lt;database&gt;authorities&lt;/database&gt;<br>
          &lt;/serverInfo&gt;<br>
        &lt;/explain&gt;<br>
      &lt;/xi:fallback&gt;<br>
    &lt;/xi:include&gt;<br>
&lt;/server&gt;<br>
&lt;serverinfo id=&quot;authorityserver&quot;&gt;<br>
    &lt;ccl2rpn&gt;/etc/koha/zebradb/ccl.properties&lt;/ccl2rpn&gt;<br>
    &lt;user&gt;kohauser&lt;/user&gt;<br>
    &lt;password&gt;[our kohauser pw]&lt;/password&gt;<br>
&lt;/serverinfo&gt;<br>
<br>
&lt;!-- ADDITIONAL KOHA CONFIGURATION DIRECTIVE --&gt;<br>
<br>
<br>
&lt;!-- db_scheme should follow the DBD driver name --&gt;<br>
&lt;!-- port info: mysql:3306 Pg:5432 (5433 on Debian) --&gt;<br>
&lt;config&gt;<br>
 &lt;db_scheme&gt;mysql&lt;/db_scheme&gt;<br>
 &lt;database&gt;koha&lt;/database&gt;<br>
 &lt;hostname&gt;localhost&lt;/hostname&gt;<br>
 &lt;port&gt;3306&lt;/port&gt;<br>
 &lt;user&gt;kohaadmin&lt;/user&gt;<br>
 &lt;pass&gt;[our kohaadmin pw]&lt;/pass&gt;<br>
 &lt;biblioserver&gt;biblios&lt;/biblioserver&gt;<br>
 &lt;biblioservershadow&gt;1&lt;/biblioservershadow&gt;<br>
 &lt;authorityserver&gt;authorities&lt;/authorityserver&gt;<br>
 &lt;authorityservershadow&gt;1&lt;/authorityservershadow&gt;<br>
 &lt;intranetdir&gt;/usr/share/koha/intranet/cgi-bin&lt;/intranetdir&gt;<br>
 &lt;opacdir&gt;/usr/share/koha/opac/cgi-bin/opac&lt;/opacdir&gt;<br>
 &lt;opachtdocs&gt;/usr/share/koha/opac/htdocs/opac-tmpl&lt;/opachtdocs&gt;<br>
 &lt;intrahtdocs&gt;/usr/share/koha/intranet/htdocs/intranet-tmpl&lt;/intrahtdocs&gt;<br>
 &lt;includes&gt;/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/includes/&lt;/includes&gt;<br>
 &lt;logdir&gt;/var/log/koha&lt;/logdir&gt;<br>
 &lt;pazpar2url&gt;<a href="http://kohadeb:11002/search.pz2" target="_blank">http://kohadeb:11002/search.pz2</a>&lt;/pazpar2url&gt;<br>
 &lt;install_log&gt;/usr/share/koha/misc/koha-install-log&lt;/install_log&gt;<br>
 &lt;useldapserver&gt;1&lt;/useldapserver&gt;<br>
  &lt;!-- LDAP SERVER (optional) --&gt;<br>
  &lt;ldapserver id=&quot;ldapserver&quot;  listenref=&quot;ldapserver&quot;&gt;<br>
   &lt;hostname&gt;<a href="http://nlvhtcway1dc001.code1.emi.philips.com" target="_blank">nlvhtcway1dc001.code1.emi.philips.com</a>&lt;/hostname&gt;<br>
   &lt;base&gt;dc=code1,dc=emi,dc=philips,dc=com&lt;/base&gt;<br>
   &lt;user&gt;[our admin CN ]&lt;/user&gt;             &lt;!-- DN, if not anonymous --&gt;<br>
   &lt;pass&gt;[our password]&lt;/pass&gt;          &lt;!-- password, if not anonymous --&gt;<br>
   &lt;replicate&gt;1&lt;/replicate&gt;       &lt;!-- add new users from LDAP to Koha database --&gt;<br>
   &lt;update&gt;1&lt;/update&gt;             &lt;!-- update existing users in Koha database --&gt;<br>
   &lt;auth_by_bind&gt;0&lt;/auth_by_bind&gt; &lt;!-- set to 1 to authenticate by binding instead of<br>
                                       password comparison, e.g., to use Active Directory --&gt;<br>
   &lt;mapping&gt;             &lt;!-- match koha SQL field names to your LDAP record field names --&gt;<br>
                  &lt;firstname    is=&quot;givenName&quot;      &gt;&lt;/firstname&gt;<br>
                  &lt;surname      is=&quot;sn&quot;             &gt;&lt;/surname&gt;<br>
                  &lt;address      is=&quot;company&quot;        &gt;&lt;/address&gt;<br>
                  &lt;city         is=&quot;l&quot;              &gt;Athens, OH&lt;/city&gt;<br>
                  &lt;zipcode      is=&quot;postalCode&quot;     &gt;&lt;/zipcode&gt;<br>
                  &lt;branchcode   is=&quot;branch&quot;         &gt;MAIN&lt;/branchcode&gt;<br>
                  &lt;userid       is=&quot;sAMAccountName&quot; &gt;&lt;/userid&gt;<br>
                  &lt;password     is=&quot;userPassword&quot;   &gt;&lt;/password&gt;<br>
                  &lt;email        is=&quot;mail&quot;           &gt;&lt;/email&gt;<br>
                  &lt;categorycode is=&quot;employeeType&quot;   &gt;PT&lt;/categorycode&gt;<br>
                  &lt;phone        is=&quot;telephoneNumber&quot;&gt;&lt;/phone&gt;<br>
   &lt;/mapping&gt;<br>
  &lt;/ldapserver&gt;<br>
&lt;/config&gt;<br>
&lt;/yazgfs&gt;<br>
<br>
<br>
<br>
<br>
<br>
Jan van Nijnatten MSc | information architect  |  Philips Research - HTC 34 p076 |  +31.40.27.47894<br>
<br>
The information contained in this message may be confidential and legally protected under applicable law. The message is intended solely for the addressee(s). If you are not the intended recipient, you are hereby notified that any use, forwarding, dissemination, or reproduction of this message is strictly prohibited and may be unlawful. If you are not the intended recipient, please contact the sender by return e-mail and destroy all copies of the original message.<br>

_______________________________________________<br>
Koha mailing list<br>
<a href="mailto:Koha@lists.katipo.co.nz">Koha@lists.katipo.co.nz</a><br>
<a href="http://lists.katipo.co.nz/mailman/listinfo/koha" target="_blank">http://lists.katipo.co.nz/mailman/listinfo/koha</a><br>
</blockquote></div><br>