[Koha] Koha Authentication with Windows Active Directory
Anselm Olweny
aolweny at gmail.com
Mon Sep 7 20:44:02 NZST 2009
Dear Members,
I have installed koha in my institution library and would like patrons
to login at the opac using their active directory accounts.
I have followed the instructions in the Auth_with_ldap.pm file and
made the necessary changes in the koha-conf.xml file.
I have koha version 3.0100041; however, when I log in using a valid
Active Directory account I get "You entered an incorrect username or
password." in the opac. There are also no errors in either the apache or
koha error logs.
I am kindly requesting any assistance in making this work. I would
appreciate help relating to what changes I may need to make in active
directory or in Auth_with_ldap.pm as well. I have attached a copy of my
koha-conf.xml so that you may show me what I am getting wrong.
Stay well
Anselm Olweny
Teaching Assistant,
EASLIS, Makerere University
Kampala, Uganda
-------------- next part --------------
<yazgfs>
<!-- Listener address format: [scheme:]host[:port][/databaseName]
     Supported schemes: tcp, ssl, unix, http, sru.
     Every server could listen on tcp, but the unix-domain sockets used
     below are faster. -->
<listen id="biblioserver">unix:/var/run/koha/zebradb/bibliosocket</listen>
<listen id="authorityserver">unix:/var/run/koha/zebradb/authoritysocket</listen>

<!-- A public server would listen on tcp (disabled here).
     NOTE(review): "@" presumably binds every interface; confirm, and
     restrict access before enabling.
     <listen id="publicserver">tcp:@:9999</listen> -->

<!-- Dedicated biblio server instance for PazPar2 (disabled).
     PazPar2 reaches a Z39.50 server only over TCP/IP, so it cannot share
     the unix-domain socket used by biblioserver and needs its own
     listener and server definition. -->
<!--
<listen id="mergeserver">tcp:@:11001</listen>
<server id="mergeserver" listenref="mergeserver">
  <directory>/var/lib/koha/zebradb/biblios</directory>
  <config>/etc/koha/zebradb/zebra-biblios.cfg</config>
  <cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
</server>
-->
<!-- Bibliographic records: server attached to the "biblioserver" listener -->
<server id="biblioserver" listenref="biblioserver">
  <directory>/var/lib/koha/zebradb/biblios</directory>
  <config>/etc/koha/zebradb/zebra-biblios.cfg</config>
  <cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
  <!-- Optional settings, left disabled:
       <docpath>xsl</docpath>
       <stylesheet>xsl/default.xsl</stylesheet>
       <maximumrecordsize>2000000</maximumrecordsize> -->

  <!-- Record formats offered to clients. Each named xml format below is
       built from the usmarc "F" backend record, converted from MARC to
       MARCXML and, where an xslt element is present, passed through that
       stylesheet. -->
  <retrievalinfo>
    <retrieval syntax="usmarc" name="F"/>
    <retrieval syntax="usmarc" name="B"/>
    <retrieval syntax="xml" name="F"/>
    <retrieval syntax="xml" name="B"/>
    <retrieval syntax="xml" name="marcxml" identifier="info:srw/schema/1/marcxml-v1.1">
      <backend syntax="usmarc" name="F">
        <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
      </backend>
    </retrieval>
    <retrieval syntax="xml" name="dc">
      <backend syntax="usmarc" name="F">
        <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
        <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
      </backend>
    </retrieval>
    <retrieval syntax="xml" name="mods">
      <backend syntax="usmarc" name="F">
        <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
        <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
      </backend>
    </retrieval>
    <retrieval syntax="xml" name="rdfdc">
      <backend syntax="usmarc" name="F">
        <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
        <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
      </backend>
    </retrieval>
    <retrieval syntax="xml" name="rss2">
      <backend syntax="usmarc" name="F">
        <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
        <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RSS2.xsl"/>
      </backend>
    </retrieval>
    <retrieval syntax="xml" name="utils">
      <backend syntax="usmarc" name="F">
        <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
        <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
      </backend>
    </retrieval>
  </retrievalinfo>

  <!-- Explain record: taken from the external file; the inline fallback
       is used when that file cannot be included. -->
  <xi:include href="/etc/koha/zebradb/explain-biblios.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude">
    <xi:fallback>
      <explain xmlns="http://explain.z3950.org/dtd/2.0/">
        <serverInfo>
          <host>localhost</host>
          <port>9998</port>
          <database>biblios</database>
        </serverInfo>
      </explain>
    </xi:fallback>
  </xi:include>
</server>
<!-- Connection details for biblioserver: CCL mapping file plus the
     user and password, which are stored here in clear text.
     NOTE(review): the password looks like a stock installer value and this
     copy of the file was posted to a public list; confirm and replace it,
     and keep the file readable only by the Koha service account. -->
<serverinfo id="biblioserver">
  <ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
  <user>kohauser</user>
  <password>zebrastripes</password>
</serverinfo>
<!-- Authority records: server attached to the "authorityserver" listener -->
<server id="authorityserver" listenref="authorityserver">
  <directory>/var/lib/koha/zebradb/authorities</directory>
  <config>/etc/koha/zebradb/zebra-authorities.cfg</config>
  <cql2rpn>/etc/koha/zebradb/pqf.properties</cql2rpn>
  <!-- Optional settings, left disabled:
       <docpath>xsl</docpath>
       <stylesheet>xsl/default.xsl</stylesheet>
       <maximumrecordsize>2000000</maximumrecordsize> -->

  <!-- Retrieval formats come from the external file; the inline
       retrievalinfo is the fallback when that file cannot be included.
       Each named xml format is built from the usmarc "F" backend record,
       converted to MARCXML and, where an xslt element is present, passed
       through that stylesheet. -->
  <xi:include href="/etc/koha/zebradb/retrieval-info-auth-grs1.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude">
    <xi:fallback>
      <retrievalinfo>
        <retrieval syntax="usmarc" name="F"/>
        <retrieval syntax="usmarc" name="B"/>
        <retrieval syntax="xml" name="marcxml" identifier="info:srw/schema/1/marcxml-v1.1">
          <backend syntax="usmarc" name="F">
            <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
          </backend>
        </retrieval>
        <retrieval syntax="xml" name="dc">
          <backend syntax="usmarc" name="F">
            <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
            <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2DC.xsl"/>
          </backend>
        </retrieval>
        <retrieval syntax="xml" name="mods">
          <backend syntax="usmarc" name="F">
            <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
            <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2MODS.xsl"/>
          </backend>
        </retrieval>
        <retrieval syntax="xml" name="rdfdc">
          <backend syntax="usmarc" name="F">
            <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
            <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slim2RDFDC.xsl"/>
          </backend>
        </retrieval>
        <retrieval syntax="xml" name="utils">
          <backend syntax="usmarc" name="F">
            <marc inputformat="marc" outputformat="marcxml" inputcharset="utf-8"/>
            <xslt stylesheet="/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/xslt/MARC21slimUtils.xsl"/>
          </backend>
        </retrieval>
      </retrievalinfo>
    </xi:fallback>
  </xi:include>

  <!-- Explain record: external file first, inline fallback otherwise. -->
  <xi:include href="/etc/koha/zebradb/explain-authorities.xml"
              xmlns:xi="http://www.w3.org/2001/XInclude">
    <xi:fallback>
      <explain xmlns="http://explain.z3950.org/dtd/2.0/">
        <serverInfo>
          <host>localhost</host>
          <port>9999</port>
          <database>authorities</database>
        </serverInfo>
      </explain>
    </xi:fallback>
  </xi:include>
</server>
<!-- Connection details for authorityserver: CCL mapping file plus the
     user and password, which are stored here in clear text.
     NOTE(review): same credentials as the biblioserver entry; the password
     looks like a stock installer value and was posted to a public list, so
     confirm and replace it. -->
<serverinfo id="authorityserver">
  <ccl2rpn>/etc/koha/zebradb/ccl.properties</ccl2rpn>
  <user>kohauser</user>
  <password>zebrastripes</password>
</serverinfo>
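<!-- Additional Koha configuration.
     db_scheme follows the DBD driver name; usual ports are mysql:3306 and
     Pg:5432 (5433 on Debian). -->
<config>
  <db_scheme>mysql</db_scheme>
  <database>koha</database>
  <hostname>localhost</hostname>
  <port>3306</port>
  <!-- Database credentials are stored in clear text: keep this file
       readable only by the Koha service account. This copy was posted to a
       public list, so the password should be changed. -->
  <user>kohaadmin</user>
  <pass>idilib</pass>
  <biblioserver>biblios</biblioserver>
  <biblioservershadow>1</biblioservershadow>
  <authorityserver>authorities</authorityserver>
  <authorityservershadow>1</authorityservershadow>
  <intranetdir>/usr/share/koha/intranet/cgi-bin</intranetdir>
  <opacdir>/usr/share/koha/opac/cgi-bin/opac</opacdir>
  <opachtdocs>/usr/share/koha/opac/htdocs/opac-tmpl</opachtdocs>
  <intrahtdocs>/usr/share/koha/intranet/htdocs/intranet-tmpl</intrahtdocs>
  <includes>/usr/share/koha/intranet/htdocs/intranet-tmpl/prog/en/includes/</includes>
  <logdir>/var/log/koha</logdir>
  <pazpar2url>http://library:11002/search.pz2</pazpar2url>
  <install_log>/usr/share/koha/misc/koha-install-log</install_log>

  <!-- 1 turns LDAP authentication on; see C4::Auth_with_ldap for the extra
       settings that must accompany it. -->
  <useldapserver>1</useldapserver>

  <!-- LDAP SERVER (optional) -->
  <ldapserver id="10.5.0.21">
    <!-- NOTE(review): a bare address presumably means plain LDAP on the
         default port, so the service-account password and every patron
         password would cross the network unencrypted; confirm, and use
         LDAPS or StartTLS if this Koha version supports it. -->
    <hostname>10.5.0.21</hostname>
    <base>dc=idi,dc=local</base>
    <!-- Bind DN and password, used when the search is not anonymous.
         NOTE(review): verify the DN against the account's real location in
         the directory; Active Directory accounts usually sit in a container
         or OU rather than directly under the domain root. The password was
         posted to a public list and should be changed; the account needs
         no more than read access to the user entries. -->
    <user>cn=IDIL Koha,dc=idi,dc=local</user>
    <pass>20Library*</pass>
    <!-- 1 = add new users from LDAP to the Koha database -->
    <replicate>1</replicate>
    <!-- 1 = update existing users in the Koha database -->
    <update>1</update>
    <!-- 1 = authenticate by binding as the user instead of comparing
         passwords, e.g. for Active Directory -->
    <auth_by_bind>1</auth_by_bind>
    <!-- Optional, for auth_by_bind: a printf format that builds the
         userPrincipalName from the Koha userid. It must contain %s, which
         is where the userid is substituted; a literal word after the %
         is not a valid conversion and leaves the login name out of the
         bind, so every attempt is rejected. -->
    <principal_name>%s@idi.local</principal_name>
    <!-- Maps Koha SQL field names to LDAP attribute names ("is"); the
         element text is the default used when no attribute is mapped. -->
    <mapping>
      <firstname is="givenname"></firstname>
      <surname is="sn"></surname>
      <address is="">1234</address>
      <city is="">Kampala</city>
      <zipcode is="">0987</zipcode>
      <branchcode is="">MAIN</branchcode>
      <!-- NOTE(review): Active Directory normally carries the login name
           in sAMAccountName and does not populate uid by default; confirm
           which attribute the directory actually holds. -->
      <userid is="uid"></userid>
      <!-- NOTE(review): with auth_by_bind the password is checked by the
           directory, and Active Directory does not return userpassword to
           clients; confirm whether this mapping should be left empty. -->
      <password is="userpassword"></password>
      <email is="">email@email.com</email>
      <categorycode is="">ST</categorycode>
      <phone is=""></phone>
    </mapping>
  </ldapserver>
</config>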
</yazgfs>