[Koha] Koha 3 and LDAP

Joe Atzberger ohiocore at gmail.com
Sat Aug 23 10:07:58 NZST 2008


The (unmodified) LDAP code can be configured to copy account information
into Koha at authentication.  This might account for what you see.  Try
changing a password in the LDAP and then logging in to Koha w/ that new
password.  If you don't get in anymore, then you aren't currently using
LDAP, but you still might have old info on anybody that logged in.

--Joe

On Fri, Aug 22, 2008 at 5:41 PM, Paul Landers <paul.landers at ttuhsc.edu>wrote:

> Mourik, I have a Koha 3.0 test server upgraded from an original 3.0
> RC1 installation.    Our I.T. systems group successfully modified /etc/
> koha/koha-conf.xml and Auth_with_ldap.pm to integrate with our
> LDAP.    After upgrading from RC1 to 3.0 I noticed that our modified
> koha-conf.xml and Auth_with_ldap.pm were renamed and replaced with new
> files.  However, LDAP authentication continues to work properly
> despite our customizations no longer existing!  What would account for
> this unexpected success?
>
> Paul Landers
> I.T. Section Manager
> TTUHSC Preston Smith Library
> paul.landers at ttuhsc.edu
> 806.743.2220
>
> On May 29, 2008, at 2:03 AM, mourik jan c heupink wrote:
>
> > > Not returning a password probably isn't a problem.  If I'm reading
> > the
> > > C4::Auth_with_ldap code right, Koha sends the password to the LDAP
> > and
> > > doesn't do anonymous binds.  It's the lack of field data that's a
> > pain.
> >
> > I'm not (yet) familiar with koha3. Normal koha 2 ldap interface was to
> > retrieve the actual password from ldap, and compare it with the
> > password
> > to user supplied. (which is a strange and incompatible way to verify a
> > password)
> >
> > Fortunately it was not difficult to change this behaviour to something
> > else: Attempt to bind to the ldap server with the username/password to
> > user provided.
> >
> > If the binds succeeds, the password is correct. If the bind fails,
> > there
> > could be all sorts of problems: wrong password, ldap server down,
> > network problems, whatever, but result: NO acces.
> >
> > See this page I created: http://wiki.koha.org/doku.php?id=ldap&s=ldap
> >
> > But I agree: you do need (at least some of) the various fields.
> > _______________________________________________
> > Koha mailing list
> > Koha at lists.katipo.co.nz
> > http://lists.katipo.co.nz/mailman/listinfo/koha
>
> _______________________________________________
> Koha mailing list
> Koha at lists.katipo.co.nz
> http://lists.katipo.co.nz/mailman/listinfo/koha
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20080822/4800e77f/attachment-0001.htm 


More information about the Koha mailing list