[Koha] Koha ldap authentification

Scott Owen sowen at edzone.net
Wed May 11 00:12:59 NZST 2011


mihafan,

I'm not familiar with Microsofts LDAP schema, but, 

Are you sure this is correct??
 
    <base>dc=koha,dc=local</base> 
    <user>cn=Administrator,cn=Users,dc=koha,dc=md</user>

as I understand it <base> section sets the base to start searching for users for authentication, not the <base> for the server?
do you need to put in the full dn for the user even after you specified the "base" ?

maybe try:
    <base>dc=koha,dc=md</base> 
    <user>cn=Administrator,cn=Users</user>             
    <pass>Q1W2e3r4</pass> 



Here is my working LDAP config. section for eDir. maybe it will point you in the correct direction.
in the <base> section my T = my root tree name 

**************************************
<useldapserver>1</useldapserver><!-- see C4::Auth_with_ldap for extra configs you must add if you want to turn this on -->
 <!-- LDAP SERVER (optional) -->
 <ldapserver id="ldapserver"  listenref="ldapserver">
  <hostname>10.1.1.7</hostname>
  <base>T=ALMASCHOOLS</base>
  <user>*************</user>             <!-- DN, if not anonymous -->
  <pass>*************</pass>      <!-- password, if not anonymous -->
  <replicate>1</replicate>   <!-- add new users from LDAP to Koha database -->
  <update>0</update>         <!-- update existing users in Koha database -->
  <mapping>             <!-- match koha SQL field names to your LDAP record field names -->
   <firstname    is="givenname"      ></firstname>
   <surname      is="sn"             ></surname>
   <address      is=""    >Alma Public Schools</address>
   <city         is=""    >Alma</city>
   <zipcode      is=""    >48801</zipcode>
   <branchcode   is=""    >PINE</branchcode>
   <userid       is="cn"            ></userid>
   <password     is=""    ></password>
   <email        is="mail"           ></email>
   <categorycode is=""   >PT</categorycode>
   <phone        is="telephonenumber"></phone>
  </mapping>
</ldapserver>
**************************************************


>>> mihafan<mihafan at gmail.com> 5/10/2011 3:14 AM >>>
Description of problem:

On local machine is installed windows server 2003 with configured active
director.
I installed Debian on another machine, here I installed Koha 3.2 which still
works well.
Koha have configured to use a active directory ldap server.
I test this ldap server with Softerra LDAP Browser and it works, to test
this ldap server I use a credentials:
cn=Administrator,cn=Users,dc=koha,dc=local, password: Q1W2e3r4.
koha-conf.xml contents:
<yazgfs>
..............
<config>
..........................
<memcached_servers></
memcached_servers>
<memcached_namespace></memcached_namespace>

<useldapserver>1</useldapserver>
  <ldapserver id="ldapserver">
    <hostname>192.168.11.90:389</hostname> 
    <base>dc=koha,dc=local</base> 
    <user>cn=Administrator,cn=Users,dc=koha,dc=md</user>             
    <pass>Q1W2e3r4</pass>     
    <replicate>1</replicate>   
    <update>1</update>         
    <auth_by_bind>1</auth_by_bind>
    <principal_name>%@koha.local</principal_name>
    <mapping>           
   
       <firstname    is="givenName"      ></firstname>
       <surname      is="sn"             ></surname>
       <address      is="postalAddress"  ></address>
       <city     is="l" ></city>
       <branchcode   is=""               >MAIN</branchcode>
       <userid       is="sAMAccountName" >Administrator</userid>
       <password     is="userPassword"   ></password>
       <categorycode is="">PT</categorycode>
    </mapping> 
  </ldapserver> 
</config>
</yazgfs>

When I try to log in OPAC module, I give a error "Invalid username or
password"!


--
View this message in context: http://koha.1045719.n5.nabble.com/Koha-ldap-authentification-tp4383836p4383836.html
Sent from the Koha - Discuss mailing list archive at Nabble.com.
_______________________________________________
Koha mailing list  http://koha-community.org
Koha at lists.katipo.co.nz
http://lists.katipo.co.nz/mailman/listinfo/koha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.katipo.co.nz/pipermail/koha/attachments/20110510/9a66c586/attachment-0001.htm 


More information about the Koha mailing list