[Koha] LDAP authentication -- getting closer.....

Scott Owen sowen at edzone.net
Thu Oct 9 06:49:59 NZDT 2008


Hi all,

I seem to be making some headway getting the LDAP authentication working 
betwixt Koha and Netware/NDS/LDAP.

A quick glance at the two login attempts below shows that a username 
(in my case "test") without the full NDS context will not authenticate 
and will generate a failed user/password combination.

However, using an NDS fully qualified distinguished name (in my case 
cn=test,ou=students,o=SCHOOL) seems to generate a successful login ?
(Sending operation result 0:"":"" to connection 0xa7684b60)
But then dies later on ......(Duplicate entry 'cn=test,ou=stude')

A quick peek at the borrowers in the Koha MySQL database (CSV export)


338    71582    FA    ZA                   PINE AVENUE        ALMA
339    71583    BR    AU                  PINE AVENUE        ALMA
340    44863    ED    ZA                    PINE AVENUE        ALMA
341    cn=41337,ou=stud                                    
342    cn=test,ou=stude                                    
343    71584    test    test                    123 happy lane         alma


Shows that my test users (test and 41337) are being added to the 
borrowers ???? (FA ZA etc...are truncated user lastnames, firstnames...I 
truncated them for this post)
And that my LDAP attrib mapping in NDS are correct (the firstname, 
lastname address and city are all correct for my "test" user...but they 
are under a user named 71584.....I have no idea where this username came 
from....but I'm guessing it was automagically added (after the two real 
student ID numbers of 71582 and 71583))

So...I'm guessing that some playing with the LDAP section of the Auth.pm 
file may allow me to use just a user ID (41337) rather than the fully 
qualified distinguished name ??? Any ideas on that ??

Any ideas on the Duplicate entry  error ?? (or might this go away as 
soon as the logins are working properly ???)

 
 


********************************
Logging in as "test"


--Intranet Error Log --
New cleartext connection 0xa7684b60 from 10.1.1.192:3081, monitor = 
0x259, index = 1
DoBind on connection 0xa7684b60
Bind name:test, version:3, authentication:simple
Illegal ndsname "test" in ldap2uNDSDN, err = 34 (0x22)
ldap2uNDSDN ldapDN = "test" - error 34 (0x22)
Failed to convert LDAP DN "test" in nds_back_bind, err = 34 (0x22)
Sending operation result 34:"":"" to connection 0xa7684b60
Operation 0x1:0x60 on connection 0xa7684b60 completed in 0 seconds
Monitor 0x259 found connection 0xa7684b60 socket closed, err = -5871, 0 
of 0 bytes read
Monitor 0x259 initiating close for connection 0xa7684b60
Server closing connection 0xa7684b60, socket error = -5871



--DStrace Error Log--
[Wed Oct 08 10:01:47 2008] [error] [client 127.0.0.1] LDAP Auth failed 
server not responding or wrong user password combination at 
c:/usr/koha229/intranet/modules/C4/Auth.pm line 528., referer: 
http://127.0.0.1:8000/cgi-bin/koha/mainpage.pl


*******************************************************


Logging in as cn=test,ou=students,o=SCHOOL

--Intranet Error Log --
New cleartext connection 0xa7684b60 from 10.1.1.192:3088, monitor = 
0x259, index = 1
DoBind on connection 0xa7684b60
Bind name:cn=test,ou=students,o=SCHOOL, version:3, authentication:simple
Sending operation result 0:"":"" to connection 0xa7684b60
Operation 0x1:0x60 on connection 0xa7684b60 completed in 0 seconds
DoSearch on connection 0xa7684b60
Search request:
    base: "OU=STUDENTS,O=SCHOOL"
    scope:2  dereference:2  sizelimit:0  timelimit:0  attrsonly:0
    filter: "(cn=cn=test,ou=students,o=SCHOOL)"
    no attributes
Empty attribute list implies all user attributes
Sending operation result 0:"":"" to connection 0xa7684b60
Operation 0x2:0x63 on connection 0xa7684b60 completed in 0 seconds
Monitor 0x259 found connection 0xa7684b60 socket closed, err = -5871, 0 
of 0 bytes read
Monitor 0x259 initiating close for connection 0xa7684b60
Server closing connection 0xa7684b60, socket error = -5871
Connection 0xa7684b60 closed


--DStrace Error Log--
[Wed Oct 08 10:14:01 2008] [error] [client 127.0.0.1] DBD::mysql::st 
execute failed: Duplicate entry 'cn=test,ou=stude' for key 1 at 
c:/usr/koha229/intranet/modules/C4/Members.pm line 155., referer: 
http://127.0.0.1:8000/cgi-bin/koha/mainpage.pl
************************************************
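
The traces above show the typed login string reused verbatim as the bind name, inside the search filter ("(cn=cn=test,ou=students,o=SCHOOL)") and as the stored key. As an added example (not part of the original post and not Koha's code), the Perl below derives one short ID, a bind DN and an escaped filter from either login form. The sub names, the single-container layout and the 16-character key width (inferred from the truncated export values) are assumptions.

```perl
#!/usr/bin/perl
# Added example, not Koha code; every sub name here is hypothetical.
use strict;
use warnings;

my $BASE      = 'ou=students,o=SCHOOL';  # search base seen in the trace
my $KEY_WIDTH = 16;  # assumed: both truncated values in the export are 16 chars

# Escape a value for an LDAP search filter (RFC 4515).
sub escape_filter_value {
    my ($v) = @_;
    $v =~ s/([\\*()\x00])/sprintf('\\%02x', ord $1)/ge;
    return $v;
}

# Escape a value for use inside an RDN (RFC 4514); input is already trimmed.
sub escape_dn_value {
    my ($v) = @_;
    $v =~ s/([\\,+"<>;])/\\$1/g;
    $v =~ s/^#/\\#/;
    return $v;
}

# Accept a short ID or a full DN and derive one short key from it.
# Limitation: a DN whose cn value contains an escaped comma is not handled.
sub normalise_login {
    my ($login) = @_;
    $login =~ s/^\s+|\s+$//g;
    my $uid = $login =~ /^cn=([^,]+),/i ? $1 : $login;
    return {
        key     => $uid,
        bind_dn => 'cn=' . escape_dn_value($uid) . ",$BASE",
        filter  => '(cn=' . escape_filter_value($uid) . ')',
    };
}

# Constructed sample logins: the two forms from the post, a second student,
# and one value containing filter metacharacters.
for my $login ('test', 'cn=test,ou=students,o=SCHOOL',
               'cn=41337,ou=students,o=SCHOOL', 'smith (jr)*') {
    my $n = normalise_login($login);
    printf "%-30s stored raw: %-16s | key: %-11s bind: %s  filter: %s\n",
        $login, substr($login, 0, $KEY_WIDTH), @{$n}{qw(key bind_dn filter)};
}
```

Both forms of the "test" login resolve to the same key, bind DN and filter, while the "stored raw" column shows what the unnormalised string becomes once cut to 16 characters.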

