[Koha] Koha authentication against existing LDAP directory

Ben Finney ben+koha at benfinney.id.au
Fri May 22 17:29:55 NZST 2009


Howdy all,

I am trying to get a Koha server to authenticate against an existing
LDAP directory. I've followed what appear to be the appropriate
documentation, but haven't succeeded in authenticating.

Proving that LDAP authentication and query is working:

=====
$ user_uid=percy
$ ldapsearch -LLL -x -D uid=${user_uid},ou=People,dc=lan -W "(uid=${user_uid})"
Enter LDAP Password: 
dn: uid=percy,ou=People,dc=lan
cn: Percy
uid: percy
uidNumber: 1006
loginShell: /bin/sh
homeDirectory: /home/percy
gidNumber: 100
userPassword:: [blabla password hash]
objectClass: posixAccount
objectClass: shadowAccount
objectClass: person
objectClass: inetOrgPerson
shadowLastChange: 14355
gecos: Percy
sn: Percy
=====

The ‘/etc/koha/koha-conf.xml’ contains, in part:

=====
…
<ldapserver id="ldapserver"  listenref="ldapserver">
 <hostname>example.lan</hostname>
 <base>dc=lan</base>
 <replicate>1</replicate>
 <update>1</update>
 <mapping>
                <surname      is="sn"             ></surname>
                <branchcode   is="branch"         >MAIN</branchcode>
                <userid       is="uid"            ></userid>
                <password     is="userpassword"   ></password>
                <categorycode is="employeetype"   >PT</categorycode>
 </mapping>
</ldapserver>
=====

There's also a suggestion in the docs of two other elements, ‘user’ and
‘pass’. But shouldn't the LDAP connection be made as the user who's
trying to authenticate, with the password they used? I hope I don't need
to record some administrative user's authentication information in a
configuration file.

How can I get authentication working with Koha like with other LDAP
clients?

-- 
 \      “I used to be a proofreader for a skywriting company.” —Steven |
  `\                                                            Wright |
_o__)                                                                  |
Ben Finney



More information about the Koha mailing list