[Koha] Koha - Active Directory LDAP struggles

Karam Qubsi karam at xentralmethods.com
Fri May 28 02:25:05 NZST 2021


Glad it worked :)

On Thu, May 27, 2021 at 10:23 PM Michael BC <sanbient at gmail.com> wrote:

> Thank you, another user reached out.
>
> It turned out that my userid attribute needed to be "userPrincipalName" to
> work within the environment.
>
>
>
> On Thu, May 27, 2021, 7:16 AM Karam Qubsi <karam at xentralmethods.com>
> wrote:
>
>> Hello Michael,
>>
>> If your users will insert usernames as *firstname.lastname* in Koha, and
>> you need to match it as firstname.lastname at XXXX.XXX in your LDAP server,
>> then you need to update your config like this:
>> <principal_name>%s at XXXX.XXX</principal_name>
>>
>> Hope this can help
>> Best wishes
>>
>> On Wed, May 26, 2021 at 10:44 PM Michael BC <sanbient at gmail.com> wrote:
>>
>>> I've tried searching the archives and can't seem to find the answer. When
>>> we use a correct username/password, the login page generates a Software
>>> Error:
>>>
>>> LDAP search failed to return object : 0000208F: LdapErr: DSID-0C090AC0,
>>> comment: Error processing name, data 0, v3839 at
>>> /usr/share/koha/lib/C4/Auth_with_ldap.pm line 97.
>>>
>>> Our conf file is set up like this:
>>>
>>>  <useldapserver>1</useldapserver>
>>>  <ldapserver id="ldapserver" listenref="ldapserver">
>>>  <hostname>ldaps://ldap.azag.gov</hostname>
>>>  <base>"OU=XX,DC=XXXX,DC=XXX"</base>
>>>  <user>ldapauth</user>          <!-- DN, if not anonymous -->
>>>  <pass>XXXXXX</pass>            <!-- password, if not anonymous -->
>>>  <replicate>1</replicate>       <!-- add new users from LDAP to Koha database -->
>>>  <update>1</update>             <!-- update existing users in Koha database -->
>>>  <auth_by_bind>1</auth_by_bind> <!-- set to 1 to authenticate by binding instead of password comparison, e.g., to use A$ -->
>>>  <anonymous_bind>0</anonymous_bind>
>>>  <principal_name>%s</principal_name>
>>>  <mapping>                      <!-- match koha SQL field names to your LDAP record field names -->
>>>  <userid is="sAMAccountName"></userid>
>>>  <password is="userpassword"></password>
>>>  <firstname is="givenname"></firstname>
>>>  <surname is="sn"></surname>
>>>  <branchcode is="">XXXX</branchcode>
>>>  <categorycode is="">PT</categorycode>
>>>  <email is="mail"></email>
>>>  </mapping>
>>>  </ldapserver>
>>>
>>> When logging in, we have to use "username at XXXX.XXX" instead of just
>>> "username". However, our emails are formatted
>>> "firstname.lastname at XXXX.XXX".
>>> I thought this might be the reason it's generating the error, but I'm not
>>> sure how to change the config file to reflect that. Or if I need to
>>> change the auth_with_ldap file.
>>>
>>> Thanks,
>>> Michael
>>
>>
>> --
>> *Karam Qubsi*
>>
>

-- 
*Karam Qubsi*
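
Added example, not part of the original thread and not Koha's own code: a small Python model of why the `userid` mapping has to name the attribute that holds the login string in the form users type it. It assumes the bind name is the `principal_name` template with the login substituted and that the entry is then looked up by an equality filter on the mapped attribute; the directory entry, the `resolve` helper and the `example.org` domain are constructed.

```python
import xml.etree.ElementTree as ET

# Constructed config fragment shaped like the one in the thread
# (example.org stands in for the redacted XXXX.XXX domain).
CONF = """
<ldapserver id="ldapserver">
  <auth_by_bind>1</auth_by_bind>
  <principal_name>%s</principal_name>
  <mapping>
    <userid is="sAMAccountName"></userid>
  </mapping>
</ldapserver>
"""

# Constructed directory entry: AD keeps the short logon name and the
# user principal name in different attributes.
DIRECTORY = [
    {"sAMAccountName": "jdoe",
     "userPrincipalName": "jdoe@example.org",
     "mail": "jane.doe@example.org"},
]

def escape_filter_value(value):
    """Escape RFC 4515 special characters before building a filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\0" else c for c in value)

def resolve(conf_xml, login):
    """Return (bind_name, ldap_filter, matching_entries) for a typed login.

    Assumption (a simplified model, not taken from Koha's source): the
    bind name is the principal_name template with the login substituted,
    and the lookup is an equality match on <userid is="...">.
    """
    root = ET.fromstring(conf_xml.strip())
    template = root.findtext("principal_name") or "%s"
    bind_name = template.replace("%s", login)
    attr = root.find("mapping/userid").get("is")
    ldap_filter = "(%s=%s)" % (attr, escape_filter_value(login))
    # These AD attributes compare case-insensitively.
    hits = [e for e in DIRECTORY if e.get(attr, "").lower() == login.lower()]
    return bind_name, ldap_filter, hits

# Same fragment with the mapping changed as described in the thread.
UPN_CONF = CONF.replace("sAMAccountName", "userPrincipalName")

if __name__ == "__main__":
    for conf in (CONF, UPN_CONF):
        print(resolve(conf, "jdoe@example.org"))
```

With the login typed as a full principal name, only the `userPrincipalName` mapping finds the entry; the `sAMAccountName` mapping would match only the short name.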

