Hello, It looks like not so many people are using Koha 3.0 with LDAP as I didn't get any replies on a previous request. In a first instance, Koha was asking the LDAP server for information and LDAP returned that the user was not found: (user = jimmy) ****************************** * from koha-opac-error_log: * ****************************** [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: LDAP Auth rejected : invalid password for user 'jimmy'. LDAP error #5: LDAP_COMPARE_FALSE, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: # This code is returned when a compare request completes and the attribute value, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: given is not in the entry specified, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: , referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: HTML::Template::Pro:template doc-head-open.inc not found! at /usr/share/koha/lib/C4/Auth.pm line 833, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: HTML::Template::Pro:template doc-head-close.inc not found! at /usr/share/koha/lib/C4/Auth.pm line 833, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] EXPR:at pos 29: non-initialized variable virtualshelves, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl ************************************************* I tried changing Auth.pm with Auth_with_ldap.pm and now got this in the logs: ****************************** * from koha-opac-error_log: * ****************************** [Wed Jan 07 09:28:22 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:28:22 2009] opac-user.pl: Undefined subroutine &main::get_template_and_user called at /usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 37, <DATA> line 275., referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 10:09:44 2009] [error] [client 192.168.0.66] [Wed Jan 7 10:09:44 2009] opac-user.pl: Undefined subroutine &main::get_template_and_user called at /usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 37, <DATA> line 275., referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl *************************************************** And instead of being returned to the login box on the local koha-site this information is displayed: ************************************************* Koha error The following fatal error has occurred: Undefined subroutine &main::get_template_and_user called at /usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 37, <DATA> line 275. Apache Server version: Apache/2.2.8 (Ubuntu) Server built: Jun 25 2008 13:54:13 Koha 3.00.00.107 Koha DB 3.0000107 MySQL mysql Ver 14.12 Distrib 5.0.51a, for debian-linux-gnu (i486) using readline 5.2 OS Linux Octopus 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux Perl 5.008008 ************************************************* More info: this is Koha 3.0 on Ubuntu 8.04LTS server I found lots of info and patches about "get_template_and_user" but I do not know how to implement or use these patches nor do I know where to find the right one for my problem (patching opac-user.pl) I'll be thankful for any help or hint that helps me on the way of making this work! Chris Hendrickx, ICT Coördinator ***************************************************** ** Instituut Sancta Maria Aarschot ** ** Kardinaal Mercierstraat 10 ** ** B-3200 Aarschot (B) ** ** tel: +32(0)16 56 61 04 ** ** fax: +32(0)16 56 29 52 ** ** Website: www.sanctamaria-aarschot.be ** ** e-mail: chris.hendrickx@sanctamaria-aarschot.be ** ***************************************************** ---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
Auth.pm and Auth_with_ldap.pm are NOT interchangeable. This should be clear because Auth.pm makes use of Auth_with_ldap when necessary and Auth_with_ldap does not implement all the API of Auth. So your problem right now is that the file switch has broken basic Koha functions. The previous problem with LDAP is: LDAP Auth rejected : invalid password for user 'jimmy'.
LDAP error #5: LDAP_COMPARE_FALSE, This code is returned when a compare request completes and the attribute value, given is not in the entry specified.
So you either don't have passwords in your LDAP schema, or you haven't accurately mapped to them in the <ldapserver><mapping> portion of the $KOHA_CONF file. Probably the latter. :) From perldoc C4::Auth_with_ldap: <mapping> <!-- match koha SQL field names to your LDAP record field names --> <firstname is="givenname" ></firstname> <surname is="sn" ></surname> <address is="postaladdress" ></address> <city is="l" >Athens, OH</city> <zipcode is="postalcode" ></zipcode> <branchcode is="branch" >MAIN</branchcode> <userid is="uid" ></userid> <password is="userpassword" ></password> <email is="mail" ></email> <categorycode is="employeetype" >PT</categorycode> <phone is="telephonenumber"></phone> </mapping> Find out what field your passwords are in and change that line in KOHA_CONF: <password is="wherever" ></password> --Joe On Wed, Jan 7, 2009 at 4:28 AM, Chris Hendrickx < chris.hendrickx@sanctamaria-aarschot.be> wrote:
Hello,
It looks like not so many people are using Koha 3.0 with LDAP as I didn't get any replies on a previous request.
In a first instance, Koha was asking the LDAP server for information and LDAP returned that the user was not found: (user = jimmy)
****************************** * from koha-opac-error_log: * ****************************** [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: LDAP Auth rejected : invalid password for user 'jimmy'. LDAP error #5: LDAP_COMPARE_FALSE, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: # This code is returned when a compare request completes and the attribute value, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: given is not in the entry specified, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: , referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: HTML::Template::Pro:template doc-head-open.inc not found! at /usr/share/koha/lib/C4/Auth.pm line 833, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:23:54 2009] opac-user.pl: HTML::Template::Pro:template doc-head-close.inc not found! at /usr/share/koha/lib/C4/Auth.pm line 833, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 09:23:54 2009] [error] [client 192.168.0.66] EXPR:at pos 29: non-initialized variable virtualshelves, referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl *************************************************
I tried changing Auth.pm with Auth_with_ldap.pm and now got this in the logs:
****************************** * from koha-opac-error_log: * ****************************** [Wed Jan 07 09:28:22 2009] [error] [client 192.168.0.66] [Wed Jan 7 09:28:22 2009] opac-user.pl: Undefined subroutine &main::get_template_and_user called at /usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 37, <DATA> line 275., referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl [Wed Jan 07 10:09:44 2009] [error] [client 192.168.0.66] [Wed Jan 7 10:09:44 2009] opac-user.pl: Undefined subroutine &main::get_template_and_user called at /usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 37, <DATA> line 275., referer: http://192.168.0.8/cgi-bin/koha/opac-user.pl ***************************************************
And instead of being returned to the login box on the local koha-site this information is displayed: ************************************************* Koha error
The following fatal error has occurred:
Undefined subroutine &main::get_template_and_user called at /usr/share/koha/opac/cgi-bin/opac/opac-user.pl line 37, <DATA> line 275.
Apache Server version: Apache/2.2.8 (Ubuntu) Server built: Jun 25 2008 13:54:13 Koha 3.00.00.107 Koha DB 3.0000107 MySQL mysql Ver 14.12 Distrib 5.0.51a, for debian-linux-gnu (i486) using readline 5.2 OS Linux Octopus 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux Perl 5.008008 *************************************************
More info: this is Koha 3.0 on Ubuntu 8.04LTS server
I found lots of info and patches about "get_template_and_user" but I do not know how to implement or use these patches nor do I know where to find the right one for my problem (patching opac-user.pl)
I'll be thankful for any help or hint that helps me on the way of making this work!
Chris Hendrickx,
ICT Coördinator
***************************************************** ** Instituut Sancta Maria Aarschot ** ** Kardinaal Mercierstraat 10 ** ** B-3200 Aarschot (B) ** ** tel: +32(0)16 56 61 04 ** ** fax: +32(0)16 56 29 52 ** ** Website: www.sanctamaria-aarschot.be ** ** e-mail: chris.hendrickx@sanctamaria-aarschot.be ** *****************************************************
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
_______________________________________________ Koha mailing list Koha@lists.katipo.co.nz http://lists.katipo.co.nz/mailman/listinfo/koha
Joe Atzberger a écrit :
Auth.pm and Auth_with_ldap.pm are NOT interchangeable. This should be clear because Auth.pm makes use of Auth_with_ldap when necessary and Auth_with_ldap does not implement all the API of Auth. just for everyone information : in Koha 2.2.x, it WAS interchangeable : if you wanted ldap, you had to rename Auth_with_ldap.pm to Auth.pm
Maybe that's why Chris H. tried that -- Paul POULAIN http://www.biblibre.com Expert en Logiciels Libres pour l'info-doc Tel : (33) 4 91 81 35 08
Hi, Indeed, when you get stuck you start trying things. I reverted to the original setup (Auth + Auth_with_ldap) and got the site back. The problem I see in the logs is that the login/password combination is not validated by the LDAP. When I try with a non-existing user it returns something like "0 objects found". So it passes information to the ldap server and gets a reply. This ldap is also used for samba (windows login in the classrooms), horde (e-mail), Moodle (Open learning platform) and some smaller tools. So I don't want to touch LDAP too much (in fact, I did that and nothing was working anymore,... one week work to get things running smooth again) Does anybody know about some encryption that is used by Koha? Our server is set to "simple" and maybe Koha tries to encrypt the password? Or is this also only for older versions? Thanks for some replies anyway! Quoting paul POULAIN <paul.poulain@biblibre.com>:
Joe Atzberger a écrit :
Auth.pm and Auth_with_ldap.pm are NOT interchangeable. This should be clear because Auth.pm makes use of Auth_with_ldap when necessary and Auth_with_ldap does not implement all the API of Auth. just for everyone information : in Koha 2.2.x, it WAS interchangeable : if you wanted ldap, you had to rename Auth_with_ldap.pm to Auth.pm
Maybe that's why Chris H. tried that
-- Paul POULAIN http://www.biblibre.com Expert en Logiciels Libres pour l'info-doc Tel : (33) 4 91 81 35 08
---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
participants (3)
-
Chris Hendrickx -
Joe Atzberger -
paul POULAIN