[Koha] Question about connect Azure AD and Colleague
Coehoorn, Joel
jcoehoorn at york.edu
Fri Jun 3 04:58:59 NZST 2022
We still have on-prem AD and use a different SIS. However, in some other
ways we are similar, and I believe what we are doing can work for you. And
that is:
1. Koha should get new users from the SIS, rather than AD. This is still a
manual process for us (download a csv report from our portal, upload to
koha), but it is idempotent (meaning librarians can do this as often as
they want without breaking things). The trick is writing the export report
to have student user accounts expire at the appropriate times at the end of
registered academic terms, and setting Koha's circulation rules to
understand how this should work for due dates near those expirations.
2. AD (whether Azure or on-prem) also depends on the SIS for new users, so
Koha users will always match AD users. The SIS becomes your source of truth
here.
3. Setup Koha to use SAML single sign on for authentication. We use a local
AD FS as the IdP, but Azure AD is not very different.
The result is Koha's user accounts are separate from AD but still always
match exactly, and when someone wants to log in to Koha it's checking AD
directly for the authentication via the SSO intermediary.
As for the Colleague<->Azure connection, that's kind of out of scope here,
but a quick google search indicates Colleague might also support SAML, such
that setting things up that way for one application gets you most of the
way there to making it work for the other, as well.
Joel Coehoorn
Director of Information Technology
York College of Nebraska
On Thu, Jun 2, 2022 at 11:44 AM Denise Sandell <denise.sandell at wilson.edu>
wrote:
> Good morning,
> I am exploring the possibility of connecting Azure AD to Koha. Is this
> possible? Currently we export users and their information and import it
> into Koha. We would like this all to be part of our Azure AD experience.
> Secondly would we be able to connect Colleague UI to Koha?
> Thank you
> Denise Sandell
> Denise.sandell at wilson.edu
>
>
> Click here if you want to book a meeting with me<
> https://outlook.office365.com/owa/calendar/DeniseSandell@wilson.edu/bookings/
> >
>
>
> Denise Sandell
> Electronic Resources & Collections Librarian
> WILSON COLLEGE
> 1015 Philadelphia Ave.
> Chambersburg, PA 17201
> denise.sandell at wilson.edu
> o. 717-262-2724
> www.wilson.edu<http://www.wilson.edu/>
>
> [cid:Bold-Logo_eed24b7d-4261-436b-9dc3-5a4a91fc7ae4.png] <
> http://www.wilson.edu/>
>
> Confidentiality Notice: This e-mail, including any attachments, is for the
> sole use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure, or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message.
>
>
> _______________________________________________
>
> Koha mailing list http://koha-community.org
> Koha at lists.katipo.co.nz
> Unsubscribe: https://lists.katipo.co.nz/mailman/listinfo/koha
>
More information about the Koha
mailing list