[Koha] LDAP authentication

mourik jan c heupink heupink at intech.unu.edu
Tue Dec 13 04:11:26 NZDT 2005


hello all!

Sorry... I have no solution, but just wanted to let you and the list 
know that I am following this thread with great interest, as I also want 
to use ldap with koha, and was unable to get it to work...

Kind regards,
Mourik Jan

KL Nasveschuk wrote:
> Hello,
>
> I'm still trying to get LDAP authentication to work on Koha. I've
> modified Auth.pm with the following:
>
>  ##################################################
>         ### LOCAL
>         ### Change the code below to match your own LDAP server.
>         ##################################################
>         # LDAP connexion parameters
>         my $ldapserver = '172.16.0.24';
>         # Infos to do an anonymous bind
>         my $ldapinfos = 'ou=users,dc=tow,dc=net ';
>         my $name  = "ou=users,dc=tow,dc=net";
>         my $db = Net::LDAP->new( $ldapserver );
>
>         # do an anonymous bind
>         my $res =$db->bind();
>         # check connexion
>         if($res->code) {
>                 # auth refused
>                 warn "LDAP Auth impossible : server not responding";
>                 return 0;
>         # search user
>         } else {
>                 my $userdnsearch = $db->search(base => "$name",
>                                 filter =>"(uid=$userid)",
>                                 );
>                 if($userdnsearch->code || ! ( $userdnsearch-> count eq 1 ) ) {
>                         warn "LDAP Auth impossible : user unknown in LDAP";
>                         return 0;
>                 };
>                 # compare a-weak with $password.
>                 # The a-weak LDAP field contains the password
>                 my $userldapentry=$userdnsearch -> shift_entry;
>                 my $cmpmesg = $db -> compare ( $userldapentry, attr => 'userPassword', value => $password );
>                 if( $cmpmesg -> code != 6 ) {
>                         warn "LDAP Auth impossible : wrong password $userldapentry";
>                         return 0;
>                 };
>                 # build LDAP hash
>                 my %memberhash;
>                 my $x =$userldapentry->{asn}{attributes};
>                 my $key;
>                 foreach my $k ( @$x) {
>                         foreach my $k2 (keys %$k) {
>                                 if ($k2 eq 'type') {
>                                         $key = $$k{$k2};
>                                 } else {
>                                         my $a = @$k{$k2};
>                                         foreach my $k3 (@$a) {
>                                                 $memberhash{$key} .= $k3." ";
>                                         }
>                                 }
>                         }
>                 }
>                 #
>                 # BUILD %borrower to CREATE or MODIFY BORROWER
>                 # change $memberhash{'xxx'} to fit your ldap structure.
>                 # check twice that mandatory fields are correctly filled
>                 #
>                 my %borrower;
>                 $borrower{cardnumber} = $userid;
>                 $borrower{firstname} = $memberhash{givenName}; # MANDATORY FIELD
>                 $borrower{surname} = $memberhash{sn}; # MANDATORY FIELD
>                 $borrower{initials} = substr($borrower{firstname},0,1).substr($borrower{surname},0,1)."  "; # MANDATORY FIELD
>                 $borrower{streetaddress} = $memberhash{homePostalAddress}." "; # MANDATORY FIELD
>                 $borrower{city} = $memberhash{l}." "; # MANDATORY FIELD
>                 $borrower{phone} = $memberhash{homePhone}." "; # MANDATORY FIELD
>                 $borrower{branchcode} = $memberhash{businessCategory}; # MANDATORY FIELD
>                 $borrower{emailaddress} = $memberhash{mail};
>                 $borrower{categorycode} = $memberhash{employeeType};
>         ##################################################
>         ### /LOCAL
>         ### No change needed after this line (unless there's a bug ;-) )
>         ##################################################
>
>
> The error message I get in opac-err_log is:
>
> [Mon Dec 12 12:04:36 2005] [error] [client 172.16.60.186] LDAP Auth
> impossible : user unknown in LDAP
> at /usr/local/koha/intranet/modules/C4/Auth.pm line 464.
>
> Is there any way to modify this to get error messages printed to
> opac-error_log, or use a specific user to search the directory? I'm not
> very good at Perl unfortunately, better at PHP.
>
>
> Kent N 


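The quoted post asks how to search the directory as a specific user and how to get more useful messages in the error log. The sketch below is an added example, not code from this thread or from Koha's Auth.pm: it binds as a search account, escapes the login before building the filter, logs the server's own error text, and checks the password by binding as the user's DN rather than comparing `userPassword`. The server address and base DN are taken from the post; the function name `ldap_check_password`, the account `cn=koha-search,dc=tow,dc=net` and the variable `KOHA_LDAP_BINDPW` are assumptions.

```perl
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# Server and base DN come from the post; the search account is hypothetical.
my $ldapserver = '172.16.0.24';
my $base       = 'ou=users,dc=tow,dc=net';
my $binddn     = 'cn=koha-search,dc=tow,dc=net';   # hypothetical read-only account
my $bindpw     = $ENV{KOHA_LDAP_BINDPW} // '';     # hypothetical variable name

sub ldap_check_password {
    my ($userid, $password) = @_;
    # A simple bind with a DN and an empty password is an unauthenticated bind
    # that many servers accept, so refuse empty input before any LDAP call.
    return 0 unless defined $userid   && length $userid;
    return 0 unless defined $password && length $password;

    my $db = Net::LDAP->new($ldapserver, timeout => 10);
    unless ($db) { warn "LDAP connect to $ldapserver failed: $@"; return 0; }

    # Bind as the search account instead of anonymously.
    my $res = $db->bind($binddn, password => $bindpw);
    if ($res->code) {
        warn "LDAP service bind failed: " . $res->error . " (code " . $res->code . ")";
        return 0;
    }
    # Escape the login so characters such as * ( ) \ cannot change the filter.
    my $filter = '(uid=' . escape_filter_value($userid) . ')';
    my $search = $db->search(base => $base, scope => 'sub',
                             filter => $filter, attrs => ['1.1']);
    if ($search->code) {
        warn "LDAP search failed: " . $search->error . " (code " . $search->code . ")";
        return 0;
    }
    if ($search->count != 1) {
        warn "LDAP search $filter under $base returned " . $search->count . " entries";
        return 0;
    }
    # Let the server verify the password: re-bind as the user's own DN.
    my $userdn = $search->entry(0)->dn;
    my $auth   = $db->bind($userdn, password => $password);
    $db->unbind;
    if ($auth->code) {
        warn "LDAP bind as $userdn failed: " . $auth->error;
        return 0;
    }
    return 1;
}
```

Over plain LDAP a simple bind sends the password in clear text, so the connection should use LDAPS or `start_tls` where the server supports it.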