[Koha] LDAP and password storage

Ian Walls ian.walls at bywatersolutions.com
Wed Oct 5 04:02:02 NZDT 2011 

Tom,


What version are you on?  From the code, the password hash should only be
stored if the patron is returning (that is they already have an account in
Koha), and you have Update turned on.  Alternatively, if you've got a new
patron signing in for the first time, and Replicate is on, and you've got
the password in the <mapping>, then it would also be hashed and stored.
These should be the only circumstances.


-Ian

2011/10/4 Scott Owen <sowen at edzone.net>

>  Tom,
>
> As I understand it:
> The Koha LDAP authentication mechanism copies user information from the
> LDAP tree to the local SQL database on the Koha server in order to create
> "user" accounts.
> I believe one of the minimum requirements to create a Koha "user" account
> is a password.
>  Because of Koha's requirements for creating users, I don't think you will
> be able to populate the necessary fields to allow for users logins, without
> populating a password field.
> Last time I dealt with them, passwords were hashed with MD5, and no clear
> text password were saved on the Koha system.
>
> -Scott
>
>
>
>
> >>> Tom Hanstra<tom at nd.edu> 10/4/2011 9:56 AM >>>
>
> We now have LDAP working to authenticate on logins.  But we have also
> noticed that Koha stores that same password locally.  Is there a
> configurable switch that I have not yet found which will keep LDAP
> connected logins from local storage?
>
> Thanks,
> Tom
>
> --
>
>
>
> -----------------------------------------------------------------------------
>       Tom Hanstra                              Systems Administrator
>       Hesburgh Libraries of Notre Dame         Phone: (574)631-4686
>       213 Hesburgh Library                     Email: tom at nd.edu
>       Notre Dame, IN  46556
>
>       Every day, from here to there, funny things are everywhere.
>                                                           Dr. Seuss
>
> -----------------------------------------------------------------------------
>
> _______________________________________________
> Koha mailing list  http://koha-community.org
> Koha at lists.katipo.co.nz
> http://lists.katipo.co.nz/mailman/listinfo/koha
>
>
> _______________________________________________
> Koha mailing list  http://koha-community.org
> Koha at lists.katipo.co.nz
> http://lists.katipo.co.nz/mailman/listinfo/koha
>
>


-- 
Ian Walls
Lead Development Specialist
ByWater Solutions
Phone # (888) 900-8944
http://bywatersolutions.com
ian.walls at bywatersolutions.com
Twitter: @sekjal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.katipo.co.nz/pipermail/koha/attachments/20111004/ff601c8e/attachment-0001.html>

More information about the Koha mailing list