<div dir="ltr">The (unmodified) LDAP code can be configured to copy account information into Koha at authentication. This might account for what you see. Try changing a password in the LDAP and then logging in to Koha w/ that new password. If you don't get in anymore, then you aren't currently using LDAP, but you still might have old info on anybody that logged in. <br>
<br>--Joe<br><br><div class="gmail_quote">On Fri, Aug 22, 2008 at 5:41 PM, Paul Landers <span dir="ltr"><<a href="mailto:paul.landers@ttuhsc.edu">paul.landers@ttuhsc.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Mourik, I have a Koha 3.0 test server upgraded from an original 3.0<br>
RC1 installation. Our I.T. systems group successfully modified /etc/<br>
koha/koha-conf.xml and Auth_with_ldap.pm to integrate with our<br>
LDAP. After upgrading from RC1 to 3.0 I noticed that our modified<br>
koha-conf.xml and Auth_with_ldap.pm were renamed and replaced with new<br>
files. However, LDAP authentication continues to work properly<br>
despite our customizations no longer existing! What would account for<br>
this unexpected success?<br>
<br>
Paul Landers<br>
I.T. Section Manager<br>
TTUHSC Preston Smith Library<br>
<font color="#888888"><a href="mailto:paul.landers@ttuhsc.edu">paul.landers@ttuhsc.edu</a><br>
806.743.2220<br>
</font><div><div></div><div class="Wj3C7c"><br>
On May 29, 2008, at 2:03 AM, mourik jan c heupink wrote:<br>
<br>
> > Not returning a password probably isn't a problem. If I'm reading<br>
> the<br>
> > C4::Auth_with_ldap code right, Koha sends the password to the LDAP<br>
> and<br>
> > doesn't do anonymous binds. It's the lack of field data that's a<br>
> pain.<br>
><br>
> I'm not (yet) familiar with koha3. Normal koha 2 ldap interface was to<br>
> retrieve the actual password from ldap, and compare it with the<br>
> password<br>
> to user supplied. (which is a strange and incompatible way to verify a<br>
> password)<br>
><br>
> Fortunately it was not difficult to change this behaviour to something<br>
> else: Attempt to bind to the ldap server with the username/password to<br>
> user provided.<br>
><br>
> If the binds succeeds, the password is correct. If the bind fails,<br>
> there<br>
> could be all sorts of problems: wrong password, ldap server down,<br>
> network problems, whatever, but result: NO acces.<br>
><br>
> See this page I created: <a href="http://wiki.koha.org/doku.php?id=ldap&s=ldap" target="_blank">http://wiki.koha.org/doku.php?id=ldap&s=ldap</a><br>
><br>
> But I agree: you do need (at least some of) the various fields.<br>
> _______________________________________________<br>
> Koha mailing list<br>
> <a href="mailto:Koha@lists.katipo.co.nz">Koha@lists.katipo.co.nz</a><br>
> <a href="http://lists.katipo.co.nz/mailman/listinfo/koha" target="_blank">http://lists.katipo.co.nz/mailman/listinfo/koha</a><br>
<br>
_______________________________________________<br>
Koha mailing list<br>
<a href="mailto:Koha@lists.katipo.co.nz">Koha@lists.katipo.co.nz</a><br>
<a href="http://lists.katipo.co.nz/mailman/listinfo/koha" target="_blank">http://lists.katipo.co.nz/mailman/listinfo/koha</a><br>
</div></div></blockquote></div><br></div>