[Koha] Ldap + Active Directory

bash-fu34 licensing at high-voltage.com
Thu Jul 14 01:50:28 NZST 2011


Will try that, thanks!

Just appears that email would be more efficient and good for reference later.   : )


From: Lori Bowen Ayre [via Koha] [mailto:ml-node+4582703-328389114-224901 at n5.nabble.com]
Sent: Wednesday, July 13, 2011 8:39 AM
To: Licensing
Subject: Re: Ldap + Active Directory

Since you didn't get a response on this list, you might jump onto the IRC channel.  Have you tried that?

Here's how:  Point your favorite IRC client at irc.oftc.net:6667<http://irc.oftc.net:6667> and join #koha, or simply click here<http://en.irc2go.com/webchat/?net=OFTC&room=koha>, or here<http://chat.mibbit.com/?server=irc.oftc.net&channel=%23koha> to connect to the Koha irc-channel with your web-browser. Just type in your nickname and click continue.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=
Lori Bowen Ayre // Library Technology Consultant
The Galecia Group // www.galecia.com<http://www.galecia.com/>
(707) 763-6869 // [hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=0>

[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=1>Specializing in open source ILS solutions, RFID, filtering,
workflow optimization, and materials handling
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

On Wed, Jul 13, 2011 at 4:16 AM, Licensing <[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=2>> wrote:
*** Re-Posting ***


We have not had any responses to our request for help to date.


Has anyone else run into this?

Is there a sample config someone is willing to share?



Thanking you in advance,



________________________________________
From: [hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=3> [[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=4>] on behalf of bash-fu34 [[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=5>]
Sent: Tuesday, June 28, 2011 6:37 PM
To: [hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=6>
Subject: [Koha] Ldap + Active Directory

Firstly, thank you for the awesome Debian documentation! I got this far with
no trouble at all.

When I log into OPAC with an AD account I am told "You entered an incorrect
username or password. Please try again! And remember, usernames and
passwords are case sensitive."

Here is some information regarding my environment (real names hidden to
protect the innocent):

Koha version:   3.05.00.001
Debian Squeeze
DebugLevel set to 2
Windows Server 2008 r2

koha-conf.xml (ldap section)

 <useldapserver>1</useldapserver>
 <ldapserver id="ldapserver">
   <hostname>DOM.TLD</hostname>
   <base>CN=USERS,DC=DOM,DC=TLD</base>
   <user>cn=USERS,dc=DOM,dc=TLD</user>
   <pass>PASSWD</pass>
   <replicate>0</replicate>
   <update>0</update>
   <auth_by_bind>1</auth_by_bind>
   <principal_name>%[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=7></principal_name>
   <mapping>
     <firstname    is="givenname"      ></firstname>
     <surname      is="sn"             ></surname>
     <address      is="postaladdress"  ></address>
     <city         is=""               >CITY, ST</city>
     <zipcode      is="postalcode"     ></zipcode-->
     <branchcode   is="branch"         >MAIN</branchcode>
     <branchcode   is=""         ></branchcode>
     <userid       is="samaccountname" ></userid>
     <password     is="userpassword"   ></password>

     <categorycode is="employeetype"   >PT</categorycode>
     <categorycode is=""   >PT</categorycode>
     <phone        is="telephonenumber"></phone>
   </mapping>
 </ldapserver>

I have tried enabling replicate and/or update, when I do I see the following
error:


 Can't call method "exists" on an undefined value at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 168, <DATA> line 522.


Line 168 contains:

 $userldapentry->exists('uid');

I've tried changing 'uid' to 'samaccount' since that's what I have in our
schema but the error is the same.

I see that one user was able to get AD working by editing the
Auth_with_ldap.pm file:

http://lists.katipo.co.nz/public/koha/2009-May/018547.html

The page he links to does not seem to be available at the moment, not even a
google-cached version. When I make the edits that he mentions Koha will not
even load and I get this error:


 Software error:

 Global symbol "$res" requires explicit package name at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 141, <DATA> line 522.
 Global symbol "$res" requires explicit package name at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 142, <DATA> line 522.
 Global symbol "$res" requires explicit package name at
/usr/share/koha/lib/C4/Auth_with_ldap.pm line 143, <DATA> line 522.
 Compilation failed in require at /usr/share/koha/lib/C4/Auth.pm line 50,
<DATA> line 522.
 BEGIN failed--compilation aborted at /usr/share/koha/lib/C4/Auth.pm line
67, <DATA> line 522.
 Compilation failed in require at
/usr/share/koha/opac/cgi-bin/opac/opac-user.pl<http://opac-user.pl> line 25, <DATA> line 522.
 BEGIN failed--compilation aborted at
/usr/share/koha/opac/cgi-bin/opac/opac-user.pl<http://opac-user.pl> line 25, <DATA> line 522.


I have spent most of the day reading through any and all Ldap/AD-related
posts on the Koha mailing lists but I don't see anything that stands out as
what I am doing wrong or that applies to my situation.

Is there some other way to get more verbose feedback, or perhaps something
that should be done differently for Server 2008?

Thanks for reading :-)

--
View this message in context: http://koha.1045719.n5.nabble.com/Ldap-Active-Directory-tp4533702p4533702.html
Sent from the Koha - Discuss mailing list archive at Nabble.com.
_______________________________________________
Koha mailing list  http://koha-community.org
[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=8>
http://lists.katipo.co.nz/mailman/listinfo/koha
_______________________________________________
Koha mailing list  http://koha-community.org
[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=9>
http://lists.katipo.co.nz/mailman/listinfo/koha


_______________________________________________
Koha mailing list  http://koha-community.org
[hidden email]</user/SendEmail.jtp?type=node&node=4582703&i=10>
http://lists.katipo.co.nz/mailman/listinfo/koha
________________________________
If you reply to this email, your message will be added to the discussion below:
http://koha.1045719.n5.nabble.com/Ldap-Active-Directory-tp4533702p4582703.html
To unsubscribe from Ldap + Active Directory, click here<http://koha.1045719.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4533702&code=bGljZW5zaW5nQGhpZ2gtdm9sdGFnZS5jb218NDUzMzcwMnwxODcxODU2ODIw>.


--
View this message in context: http://koha.1045719.n5.nabble.com/Ldap-Active-Directory-tp4533702p4582740.html
Sent from the Koha - Discuss mailing list archive at Nabble.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20110713/402e7da0/attachment.htm 


More information about the Koha mailing list