[Koha] LDAP authentication
mourik jan c heupink
heupink at intech.unu.edu
Tue Dec 13 04:11:26 NZDT 2005
Hello all!
Sorry... I have no solution, but just wanted to let you and the list
know that I am following this thread with great interest, as I also want
to use LDAP with Koha, and was unable to get it to work...
Kind regards,
Mourik Jan
KL Nasveschuk wrote:
> Hello,
>
> I'm still trying to get LDAP authentication to work on Koha. I've
> modified Auth.pm with the following:
>
> ##################################################
> ### LOCAL
> ### Change the code below to match your own LDAP server.
> ##################################################
> # LDAP connexion parameters
> my $ldapserver = '172.16.0.24';
> # Infos to do an anonymous bind
> my $ldapinfos = 'ou=users,dc=tow,dc=net ';
> my $name = "ou=users,dc=tow,dc=net";
> my $db = Net::LDAP->new( $ldapserver );
>
> # do an anonymous bind
> my $res = $db->bind();
> # check connexion
> if ($res->code) {
>     # auth refused
>     warn "LDAP Auth impossible : server not responding";
>     return 0;
> } else {
>     # search user
>     my $userdnsearch = $db->search(base => "$name",
>                                    filter => "(uid=$userid)",
>                                    );
>     if ($userdnsearch->code || ! ( $userdnsearch->count eq 1 ) ) {
>         warn "LDAP Auth impossible : user unknown in LDAP";
>         return 0;
>     };
>     # compare a-weak with $password.
>     # The a-weak LDAP field contains the password
>     my $userldapentry = $userdnsearch->shift_entry;
>     my $cmpmesg = $db->compare( $userldapentry, attr => 'userPassword', value => $password );
>     if ( $cmpmesg->code != 6 ) {
>         warn "LDAP Auth impossible : wrong password $userldapentry";
>         return 0;
>     };
>     # build LDAP hash
>     my %memberhash;
>     my $x = $userldapentry->{asn}{attributes};
>     my $key;
>     foreach my $k ( @$x) {
>         foreach my $k2 (keys %$k) {
>             if ($k2 eq 'type') {
>                 $key = $$k{$k2};
>             } else {
>                 my $a = @$k{$k2};
>                 foreach my $k3 (@$a) {
>                     $memberhash{$key} .= $k3." ";
>                 }
>             }
>         }
>     }
>     #
>     # BUILD %borrower to CREATE or MODIFY BORROWER
>     # change $memberhash{'xxx'} to fit your ldap structure.
>     # check twice that mandatory fields are correctly filled
>     #
>     my %borrower;
>     $borrower{cardnumber} = $userid;
>     $borrower{firstname} = $memberhash{givenName}; # MANDATORY FIELD
>     $borrower{surname} = $memberhash{sn}; # MANDATORY FIELD
>     $borrower{initials} = substr($borrower{firstname},0,1).substr($borrower{surname},0,1)." "; # MANDATORY FIELD
>     $borrower{streetaddress} = $memberhash{homePostalAddress}." "; # MANDATORY FIELD
>     $borrower{city} = $memberhash{l}." "; # MANDATORY FIELD
>     $borrower{phone} = $memberhash{homePhone}." "; # MANDATORY FIELD
>     $borrower{branchcode} = $memberhash{businessCategory}; # MANDATORY FIELD
>     $borrower{emailaddress} = $memberhash{mail};
>     $borrower{categorycode} = $memberhash{employeeType};
> ##################################################
> ### /LOCAL
> ### No change needed after this line (unless there's a bug ;-) )
> ##################################################
>
>
> The error message I get in opac-err_log is:
>
> [Mon Dec 12 12:04:36 2005] [error] [client 172.16.60.186] LDAP Auth
> impossible : user unknown in LDAP
> at /usr/local/koha/intranet/modules/C4/Auth.pm line 464.
>
> Is there any way to modify this to get error messages printed to
> opac-error_log, or use a specific user to search the directory? I'm not
> very good at Perl unfortunately, better at PHP.
>
>
> Kent N
>
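Added example, not part of the original thread and not Koha's own Auth.pm: one way to do what the quoted message asks for, searching with a dedicated bind account and logging the server's result code and message at each step. The server address and search base are taken from the post; the bind DN and its password are hypothetical placeholders. The example also swaps the userPassword compare for a bind as the user's DN and escapes the login name before it goes into the search filter.

```perl
use strict; use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

my %cfg = (
    server  => '172.16.0.24',              # from the post
    base    => 'ou=users,dc=tow,dc=net',   # from the post
    bind_dn => 'cn=koha-search,ou=services,dc=tow,dc=net',  # hypothetical account
    bind_pw => 'CHANGE_ME',                # placeholder
);

# Log the server's own result code and message, then return false.
sub fail {
    my ($step, $mesg) = @_;
    warn sprintf "LDAP %s failed: code %d (%s)\n", $step, $mesg->code, $mesg->error;
    return;
}

# Returns the user's DN on success, nothing on failure.
sub ldap_authenticate {
    my ($userid, $password) = @_;
    # A simple bind with an empty password is an anonymous bind, which many
    # servers accept, so reject empty credentials before contacting LDAP.
    return unless length($userid // '') && length($password // '');

    my $ldap = Net::LDAP->new($cfg{server}, timeout => 10)
        or do { warn "LDAP connect to $cfg{server} failed: $@\n"; return };
    my $res = $ldap->bind($cfg{bind_dn}, password => $cfg{bind_pw});
    return fail('service bind', $res) if $res->code;
    # Escape the login name so that * ( ) \ in it stay literal in the filter.
    my $filter = '(uid=' . escape_filter_value($userid) . ')';
    my $search = $ldap->search(base => $cfg{base}, filter => $filter, attrs => ['1.1']);
    return fail("search under $cfg{base}", $search) if $search->code;
    if ($search->count != 1) {
        warn sprintf "LDAP search matched %d entries, expected 1\n", $search->count;
        return;
    }

    # Check the password by binding as the entry that was found.
    my $dn   = $search->entry(0)->dn;
    my $auth = $ldap->bind($dn, password => $password);
    $ldap->unbind;
    return fail("bind as $dn", $auth) if $auth->code;
    return $dn;
}

if (@ARGV) {    # manual check: perl ldap_check.pl USERID (password on stdin)
    chomp(my $pw = <STDIN> // '');
    print ldap_authenticate($ARGV[0], $pw) ? "ok\n" : "denied\n";
}
```

Run under Apache, the warn output lands in the same error log as the messages quoted in the post, and it separates a failed search (code and server message) from a search that succeeded but matched zero or several entries.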