[Koha] LDAP authentication problem

Lichtsteiner Patric (lici) lici at zhaw.ch
Wed Mar 27 02:55:06 NZDT 2019


Thanks a lot for the help from all of you.
Just as a reference, if somebody with the same problem searches in the archive of this mailing list:

To enable LDAP to an Active Directory in Koha:

In the file /etc/koha/sites/<instance>/koha-conf.xml
 <useldapserver>1</useldapserver>
 <ldapserver id="ldapserver" listenref="ldapserver">
   <hostname>server.zhaw.ch</hostname>
   <base>OU=unit,DC=zhaw,DC=ch</base>
   <replicate>1</replicate>
   <update>1</update>
   <anonymous_bind>0</anonymous_bind>
   <auth_by_bind>1</auth_by_bind>
   <principal_name>%s@zhaw.ch</principal_name>
   <update_password>0</update_password>
   <mapping>
      <firstname    is="givenname"      ></firstname>
      <surname      is="sn"             ></surname>
      <userid       is="samAccountName" ></userid>
      <email        is="mail"           ></email>
      <phone        is="telephonenumber"></phone>
      <branchcode   is="">T</branchcode>
      <categorycode is="">A</categorycode>
   </mapping>
 </ldapserver>

It is needed that there is a Library with the code “T” and a Patron category with the code “A”.

Next, you have to restart the following daemons:
/etc/init.d/koha-common restart
/etc/init.d/memcached restart

Best,
Patric

> On 18 Mar 2019, at 16:55, Lichtsteiner Patric (lici) <lici at zhaw.ch> wrote:
> 
> Hi all,
> 
> We are currently evaluating koha for our university.
> 
> Right now, I’m trying to configure ldap authentication. I followed the following guides:
> https://openschoolsolutions.org/koha-ldap-setup/
> https://perldoc.koha-community.org/C4/Auth_with_ldap.html
> 
> I did the following configuration in /etc/koha/sites/<library name>/koha-conf.xml
> 
> <useldapserver>1</useldapserver>
> <ldapserver id="ldapserver" listenref="ldapserver">
>   <hostname>ldap://ldap.domain.ch</hostname>
>   <base>ou=users,DC=domain,DC=ch</base>
>   <user>CN=srvc-koha,OU=unit,DC=domain,DC=ch</user><!-- DN, if not anonymous -->
>   <pass>somepass</pass><!-- password, if not anonymous -->
>   <replicate>1</replicate>       <!-- add new users from LDAP to Koha database -->
>   <update>1</update>             <!-- update existing users in Koha database -->
>   <auth_by_bind>1</auth_by_bind> <!-- set to 1 to authenticate by binding instead of password comparison, e.g., to use A$ -->
>   <principal_name>%s@domain.ch</principal_name>
>   <update_password>0</update_password>
>   <mapping>             <!-- match koha SQL field names to your LDAP record field names -->
>      <firstname    is="givenname"      ></firstname>
>      <surname      is="sn"             ></surname>
>      <userid       is="uidNumber"      ></userid>
>      <email        is="mail"           ></email>
>      <phone        is="telephonenumber"></phone>
>   </mapping>
> </ldapserver>
> 
> I’m trying to login to OPAC, but get the error message "You entered an incorrect username or password." and the log file
> /var/log/koha/<library name>/opac-error.log 
> is still empty.
> 
> How can I debug the ldap authentication in koha?
> 
> Best,
> Patric
> _______________________________________________
> Koha mailing list  http://koha-community.org
> Koha at lists.katipo.co.nz
> https://lists.katipo.co.nz/mailman/listinfo/koha
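
Added example, not part of the original message or of Koha's own code: a Python check of the koha-conf.xml LDAP settings this thread discusses, run over a constructed copy of the working block. The `<root>` wrapper, the function names and the finding texts are assumptions made for the example; the rule that replicate=1 needs a branchcode and categorycode mapping or default is taken from the working configuration above.

```python
import xml.etree.ElementTree as ET

# Constructed input: the working <ldapserver> settings from this message,
# wrapped in a <root> element (an assumption) so the fragment parses alone.
WORKING = """<root><useldapserver>1</useldapserver>
<ldapserver id="ldapserver" listenref="ldapserver">
  <hostname>server.zhaw.ch</hostname><base>OU=unit,DC=zhaw,DC=ch</base>
  <replicate>1</replicate><update>1</update>
  <anonymous_bind>0</anonymous_bind><auth_by_bind>1</auth_by_bind>
  <principal_name>%s@zhaw.ch</principal_name><update_password>0</update_password>
  <mapping>
    <firstname is="givenname"></firstname><surname is="sn"></surname>
    <userid is="samAccountName"></userid><email is="mail"></email>
    <phone is="telephonenumber"></phone>
    <branchcode is="">T</branchcode><categorycode is="">A</categorycode>
  </mapping>
</ldapserver></root>"""

def _mapping(srv):
    """Map Koha field -> (LDAP attribute, hard-coded default)."""
    return {m.tag: (m.get("is", ""), (m.text or "").strip())
            for m in srv.findall("mapping/*")}

def check_ldap_config(xml_text):
    """Return findings for the LDAP settings in koha-conf.xml text."""
    root = ET.fromstring(xml_text)
    srv = root.find(".//ldapserver")
    if srv is None:
        return ["no <ldapserver> element"]
    findings = []
    if (root.findtext(".//useldapserver") or "").strip() != "1":
        findings.append("useldapserver is not 1")
    principal = (srv.findtext("principal_name") or "").strip()
    if principal and principal.count("%s") != 1:
        findings.append("principal_name needs exactly one %s placeholder")
    mapping = _mapping(srv)
    if not mapping.get("userid", ("", ""))[0]:
        findings.append("mapping has no LDAP attribute for userid")
    if (srv.findtext("replicate") or "").strip() == "1":
        for field in ("branchcode", "categorycode"):
            if not any(mapping.get(field, ("", ""))):
                findings.append(f"replicate=1 but no {field} mapping or default")
    return findings

def codes_to_create(xml_text):
    """Hard-coded branchcode/categorycode defaults that must exist in Koha."""
    mapping = _mapping(ET.fromstring(xml_text).find(".//ldapserver"))
    return {f: mapping[f][1] for f in ("branchcode", "categorycode")
            if f in mapping and mapping[f][1]}
```

`codes_to_create` lists the library and patron category codes to verify in Koha before the first LDAP login.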


