Thanks a lot for the help from all of you.

Just as a reference, if somebody with the same problem searches the archive of this mailing list:

To enable LDAP to an Active Directory in Koha:

In the file /etc/koha/sites/<instance>/koha-conf.xml

    <useldapserver>1</useldapserver>
    <ldapserver id="ldapserver" listenref="ldapserver">
      <hostname>server.zhaw.ch</hostname>
      <base>OU=unit,DC=zhaw,DC=ch</base>
      <replicate>1</replicate>
      <update>1</update>
      <anonymous_bind>0</anonymous_bind>
      <auth_by_bind>1</auth_by_bind>
      <principal_name>%s@zhaw.ch</principal_name>
      <update_password>0</update_password>
      <mapping>
        <firstname is="givenname"></firstname>
        <surname is="sn"></surname>
        <userid is="samAccountName"></userid>
        <email is="mail"></email>
        <phone is="telephonenumber"></phone>
        <branchcode is="">T</branchcode>
        <categorycode is="">A</categorycode>
      </mapping>
    </ldapserver>

It is needed that there is a Library with the code “T” and a Patron category with the code “A”.

Next, you have to restart the following daemons:

    /etc/init.d/koha-common restart
    /etc/init.d/memcached restart

Best,
Patric

On 18 Mar 2019, at 16:55, Lichtsteiner Patric (lici) <lici@zhaw.ch> wrote:
Hi all,
We are currently evaluating koha for our university.
Right now, I’m trying to configure ldap authentication. I followed the following guides:

https://openschoolsolutions.org/koha-ldap-setup/
https://perldoc.koha-community.org/C4/Auth_with_ldap.html
I did the following configuration in /etc/koha/sites/<library name>/koha-conf.xml
    <useldapserver>1</useldapserver>
    <ldapserver id="ldapserver" listenref="ldapserver">
      <hostname>ldap://ldap.domain.ch</hostname>
      <base>ou=users,DC=domain,DC=ch</base>
      <user>CN=srvc-koha,OU=unit,DC=domain,DC=ch</user><!-- DN, if not anonymous -->
      <pass>somepass</pass><!-- password, if not anonymous -->
      <replicate>1</replicate> <!-- add new users from LDAP to Koha database -->
      <update>1</update> <!-- update existing users in Koha database -->
      <auth_by_bind>1</auth_by_bind> <!-- set to 1 to authenticate by binding instead of password comparison, e.g., to use A$ -->
      <principal_name>%s@domain.ch</principal_name>
      <update_password>0</update_password>
      <mapping> <!-- match koha SQL field names to your LDAP record field names -->
        <firstname is="givenname"></firstname>
        <surname is="sn"></surname>
        <userid is="uidNumber"></userid>
        <email is="mail"></email>
        <phone is="telephonenumber"></phone>
      </mapping>
    </ldapserver>
I’m trying to log in to OPAC, but get the error message “You entered an incorrect username or password.” and the log file /var/log/koha/<library name>/opac-error.log is still empty.
How can I debug the ldap authentication in koha?
Best,
Patric
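
An added example, not part of the original messages or of Koha: a small Python check run over reduced, constructed copies of the two <ldapserver> blocks in this thread, reporting what differs for transport security, stored secrets and patron replication. The helper audit_ldapserver and its finding codes are hypothetical, and that <hostname> may carry an ldaps:// URI is an assumption about how Koha hands the value to Net::LDAP.

```python
import xml.etree.ElementTree as ET

# Constructed samples: both configs from this thread, reduced to the elements the check reads.
ORIGINAL = """<ldapserver id="ldapserver">
  <hostname>ldap://ldap.domain.ch</hostname>
  <pass>somepass</pass>
  <replicate>1</replicate>
  <auth_by_bind>1</auth_by_bind>
  <principal_name>%s@domain.ch</principal_name>
  <mapping><userid is="uidNumber"></userid></mapping>
</ldapserver>"""
WORKING = """<ldapserver id="ldapserver">
  <hostname>server.zhaw.ch</hostname>
  <replicate>1</replicate>
  <auth_by_bind>1</auth_by_bind>
  <principal_name>%s@zhaw.ch</principal_name>
  <mapping>
    <userid is="samAccountName"></userid>
    <branchcode is="">T</branchcode>
    <categorycode is="">A</categorycode>
  </mapping>
</ldapserver>"""

def audit_ldapserver(xml_text):
    """Return (code, message) findings for one <ldapserver> block (hypothetical helper)."""
    srv = ET.fromstring(xml_text)
    text = lambda tag: (srv.findtext(tag) or "").strip()
    out = []
    # Assumption: Koha passes <hostname> to Net::LDAP, which accepts ldaps:// URIs.
    if not text("hostname").lower().startswith("ldaps://"):
        out.append(("cleartext-transport", "no ldaps:// scheme; a bind over plain LDAP sends the password unencrypted"))
    if text("auth_by_bind") == "1" and "%s" not in text("principal_name"):
        out.append(("bad-principal-name", "auth_by_bind needs a principal_name containing %s"))
    if text("pass"):
        out.append(("plaintext-pass", "service password is stored in the file; restrict who can read koha-conf.xml"))
    if text("replicate") == "1":
        # Patrons created by replication need a library and a category; the working config sets fixed defaults.
        for field in ("branchcode", "categorycode"):
            if not text(f"mapping/{field}"):
                out.append((f"missing-default:{field}", f"replicate=1 but mapping has no default {field}"))
    return out

if __name__ == "__main__":
    for name, cfg in (("original", ORIGINAL), ("working", WORKING)):
        for code, msg in audit_ldapserver(cfg):
            print(f"{name}: {code}: {msg}")
```

Run against the working block, only the transport finding remains, because the bind with auth_by_bind still goes to a host given without ldaps://.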