[Koha] difficulties authenticating after samba/openldap -> samba4 AD migration
mourik jan heupink - merit
heupink at merit.unu.edu
Wed Apr 2 06:42:13 NZDT 2014
Hi all,
We've been running samba3/openldap in combo with koha for years, until
the time came to upgrade to samba4 AD. Did that last weekend, and today
I tried to connect koha (3.12.01, I know, we have to upgrade) to the
samba4 ldap server.
We're using auth_by_bind, which should be supported by Active Directory,
checked principle name many times.
However, I can't login, apache logs says: " LDAP Auth rejected :
(uid=heupink) gets 0 hits". Using tcpflow, I can see that my dc1 answers
"600002020: Operation unavailable without authentication".
So, before I start doing bigger things (like updating koha, which has
always been running fine) I'd like to know if I'm missing something
obvious? I'm sure many people here are using (native) active directory
to authenticate to? Any tips..?
Here is my AD samba4 config:
<ldapserver id="dc1">
<hostname>dc1.my.domain</hostname>
<base>CN=Users,DC=samba,DC=my,DC=domain</base>
<replicate>1</replicate>
<update>1</update>
<auth_by_bind>1</auth_by_bind>
<principal_name>CN=%s,CN=Users,DC=samba,DC=my,DC=domain</principal_name>
<mapping>
<firstname is="givenName" ></firstname>
<surname is="sn" ></surname>
<address is="streetAddress" >our address</address>
<city is="l" >our city</city>
<zipcode is="postalCode" >our postcode</zipcode>
<branchcode is="branch" >our_branch</branchcode>
<userid is="uid" ></userid>
<password is="userPassword" ></password>
<email is="mail" ></email>
<categorycode is="employeeType" >A</categorycode>
<phone is="telephoneNumber"></phone>
</mapping>
</ldapserver>
Regards,
MJ
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the Koha
mailing list